From 6f2384c97e77af167fdb97165c42782fde8ab397 Mon Sep 17 00:00:00 2001
From: Aswin V
Date: Sat, 19 Mar 2022 00:07:44 +0530
Subject: [PATCH] Add missing env to one click deploy (#122)
* Fix env from heroku
* Add missing envs
* Support DATABASE_URL env
* Fix IDP_ENABLED env check
* Remove env setting
* SAML_AUDIENCE env value and not required change
* CLIENT_SECRET_VERIFIER not required
* Fix envLink and add variables
* Use defaultDb util across npm and service
* Add IDP_ENABLED
---
Procfile | 2 +-
README.md | 2 +-
app.json | 69 +++++++++++++++++++++++++++++++++++++++++
lib/env.ts | 4 +--
lib/nextAuthAdapter.ts | 4 ++-
npm/src/db/defaultDb.ts | 12 +++++++
npm/src/index.ts | 8 ++---
7 files changed, 90 insertions(+), 11 deletions(-)
create mode 100644 npm/src/db/defaultDb.ts
diff --git a/Procfile b/Procfile
index 13abf2f3e..bc5930a1c 100644
--- a/Procfile
+++ b/Procfile
@@ -1 +1 @@
-web: export DB_URL=$POSTGRES_URL JACKSON_API_KEYS=$JACKSON_API_KEYS && ./node_modules/.bin/next start -p $PORT
\ No newline at end of file
+web: ./node_modules/.bin/next start -p $PORT
\ No newline at end of file
diff --git a/README.md b/README.md
index c7adad79f..29fa69c0e 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,7 @@
-[![Deploy with Vercel](https://vercel.com/button)]()
+[![Deploy with Vercel](https://vercel.com/button)]()
[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy)
SAML service [SAML in a box from BoxyHQ]
diff --git a/app.json b/app.json
index 1660a4694..225bde839 100644
--- a/app.json
+++ b/app.json
@@ -18,6 +18,75 @@
"EXTERNAL_URL": {
"description": "The public URL of the app. See https://boxyhq.com/docs/jackson/env-variables#external_url . Replace below with 'App name' from above",
"value": "https://.herokuapp.com"
+ },
+ "IDP_ENABLED": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#idp_enabled",
+ "required": false
+ },
+ "CLIENT_SECRET_VERIFIER": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#client_secret_verifier",
+ "required": false
+ },
+ "SAML_AUDIENCE": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#saml_audience",
+ "value": "https://saml.boxyhq.com",
+ "required": false
+ },
+ "DB_ENGINE": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_engine Leave empty to use the heroku-postgresql",
+ "required": false
+ },
+ "DB_URL": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_url Leave empty to use the heroku-postgresql",
+ "required": false
+ },
+ "DB_TYPE": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_type Leave empty to use the heroku-postgresql",
+ "required": false
+ },
+ "DB_TTL": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_ttl",
+ "required": false
+ },
+ "DB_CLEANUP_LIMIT": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_cleanup_limit",
+ "required": false
+ },
+ "DB_ENCRYPTION_KEY": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#db_encryption_key",
+ "required": false
+ },
+ "SMTP_HOST": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#smtp_host",
+ "required": false
+ },
+ "SMTP_PORT": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#smtp_port",
+ "required": false
+ },
+ "SMTP_USER": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#smtp_user",
+ "required": false
+ },
+ "SMTP_PASSWORD": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#smtp_password",
+ "required": false
+ },
+ "SMTP_FROM": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#smtp_from",
+ "required": false
+ },
+ "NEXTAUTH_URL": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#nextauth_url",
+ "required": false
+ },
+ "NEXTAUTH_SECRET": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#nextauth_secret",
+ "required": false
+ },
+ "NEXTAUTH_ACL": {
+ "description": "https://boxyhq.com/docs/jackson/deploy/env-variables#nextauth_acl",
+ "required": false
}
}
}
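Review bot: The secret-bearing variables added in this hunk (`NEXTAUTH_SECRET`, `CLIENT_SECRET_VERIFIER`, `DB_ENCRYPTION_KEY`) are all `"required": false` with no generated value, so a one-click deploy that accepts the defaults comes up without them. For `CLIENT_SECRET_VERIFIER` the library default visible in npm/src/index.ts is the fixed string `'dummy'`, which would presumably become the effective value if the service goes through that default. Heroku can fill these at deploy time, so for `NEXTAUTH_SECRET` and `CLIENT_SECRET_VERIFIER` I would use `"generator": "secret"` in place of `"required": false`. `DB_ENCRYPTION_KEY` may have a length requirement that a generated value does not meet, so at minimum its description should say what leaving it empty means for stored data rather than only linking to the docs.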
diff --git a/lib/env.ts b/lib/env.ts
index c346fa2e9..00fa528eb 100644
--- a/lib/env.ts
+++ b/lib/env.ts
@@ -10,10 +10,10 @@ const apiKeys = (process.env.JACKSON_API_KEYS || '').split(',');
const samlAudience = process.env.SAML_AUDIENCE;
const preLoadedConfig = process.env.PRE_LOADED_CONFIG;
-const idpEnabled = !!process.env.IDP_ENABLED;
+const idpEnabled = process.env.IDP_ENABLED === 'true';
const db = {
engine: process.env.DB_ENGINE ? process.env.DB_ENGINE : undefined,
- url: process.env.DB_URL,
+ url: process.env.DB_URL || process.env.DATABASE_URL,
type: process.env.DB_TYPE ? process.env.DB_TYPE : undefined,
ttl: process.env.DB_TTL ? Number(process.env.DB_TTL) : undefined,
encryptionKey: process.env.DB_ENCRYPTION_KEY,
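Review bot: The new `process.env.IDP_ENABLED === 'true'` comparison is exact, so `True`, `TRUE`, `1` or a value with trailing whitespace now leaves the IdP flow disabled without any message, including on deployments that relied on the old any-non-empty-string behaviour. Failing closed is the right direction, but I would normalise the value, `const idpEnabled = (process.env.IDP_ENABLED || '').trim().toLowerCase() === 'true';`, and add a comment stating the accepted value. On the `url` line, a comment such as `// DATABASE_URL is the name Heroku Postgres sets; DB_URL wins when both are present` would explain the precedence. The `db` object continues past the end of the hunk.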
diff --git a/lib/nextAuthAdapter.ts b/lib/nextAuthAdapter.ts
index d36cdae45..5af28cf1e 100644
--- a/lib/nextAuthAdapter.ts
+++ b/lib/nextAuthAdapter.ts
@@ -3,12 +3,14 @@ import DB from 'npm/src/db/db';
import opts from './env';
import type { AdapterUser, VerificationToken } from 'next-auth/adapters';
import { validateEmailWithACL } from './utils';
+import defaultDb from 'npm/src/db/defaultDb';
const g = global as any;
export async function initNextAuthDB(): Promise {
if (!g.adminAuthStore) {
- const db = await DB.new(opts.db);
+ const _opts = defaultDb(opts);
+ const db = await DB.new(_opts.db);
g.adminAuthStore = db.store('admin:auth');
}
return g.adminAuthStore as Storable;
diff --git a/npm/src/db/defaultDb.ts b/npm/src/db/defaultDb.ts
new file mode 100644
index 000000000..9a5e86f0a
--- /dev/null
+++ b/npm/src/db/defaultDb.ts
@@ -0,0 +1,12 @@
+import { JacksonOption } from '../typings';
+
+export default function defaultDb(opts: JacksonOption) {
+ opts.db = opts.db || {};
+ opts.db.engine = opts.db.engine || 'sql';
+ opts.db.url = opts.db.url || 'postgresql://postgres:postgres@localhost:5432/postgres';
+ opts.db.type = opts.db.type || 'postgres'; // Only needed if DB_ENGINE is sql.
+ opts.db.ttl = (opts.db.ttl || 300) * 1; // TTL for the code, session and token stores (in seconds)
+ opts.db.cleanupLimit = (opts.db.cleanupLimit || 1000) * 1; // Limit cleanup of TTL entries to this many items at a time
+
+ return opts;
+}
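Review bot: When `opts.db.url` is empty, the fallback on the `opts.db.url = ...` line is a connection string with the well-known `postgres:postgres` credentials, and the lib/nextAuthAdapter.ts hunk now routes the admin auth store through it as well, so a deployment missing both `DB_URL` and `DATABASE_URL` silently targets a local default-credential database instead of failing at startup. I would make that visible, e.g. `if (!opts.db.url) console.warn('No DB url configured, falling back to the local development Postgres');` before the assignment, or refuse the fallback when `NODE_ENV` is `production`. The function also mutates its argument in place (the npm/src/index.ts caller depends on this by ignoring the return value, and lib/nextAuthAdapter.ts passes the shared object imported from `./env`), so it deserves a doc comment saying so and an explicit `: JacksonOption` return type.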
diff --git a/npm/src/index.ts b/npm/src/index.ts
index 3fa48facb..25878f15c 100644
--- a/npm/src/index.ts
+++ b/npm/src/index.ts
@@ -4,6 +4,7 @@ import { AdminController } from './controller/admin';
import DB from './db/db';
import readConfig from './read-config';
import { JacksonOption } from './typings';
+import defaultDb from './db/defaultDb';
const defaultOpts = (opts: JacksonOption): JacksonOption => {
const newOpts = {
@@ -22,12 +23,7 @@ const defaultOpts = (opts: JacksonOption): JacksonOption => {
newOpts.preLoadedConfig = newOpts.preLoadedConfig || ''; // path to folder containing static SAML config that will be preloaded. This is useful for self-hosted deployments that only have to support a single tenant (or small number of known tenants).
newOpts.idpEnabled = newOpts.idpEnabled === true;
- newOpts.db = newOpts.db || {};
- newOpts.db.engine = newOpts.db.engine || 'sql';
- newOpts.db.url = newOpts.db.url || 'postgresql://postgres:postgres@localhost:5432/postgres';
- newOpts.db.type = newOpts.db.type || 'postgres'; // Only needed if DB_ENGINE is sql.
- newOpts.db.ttl = (newOpts.db.ttl || 300) * 1; // TTL for the code, session and token stores (in seconds)
- newOpts.db.cleanupLimit = (newOpts.db.cleanupLimit || 1000) * 1; // Limit cleanup of TTL entries to this many items at a time
+ defaultDb(newOpts);
newOpts.clientSecretVerifier = newOpts.clientSecretVerifier || 'dummy';