6571c0f122
Implements the §12 bootstrap from docs/mobile-app-plan.md. Backend (§6): - auth: optional returnToken flag on login returns the JWT in the body (data.authToken) for native Keychain/Keystore + Bearer; web cookie flow unchanged. - main.ts: explicit CORS allowlist (APP_URL + CORS_ALLOWED_ORIGINS env + Capacitor WebView origins), credentials enabled, replaces open enableCors(). - optional OpenAPI/Swagger at /api/docs behind SWAGGER_ENABLED. - env: CORS_ALLOWED_ORIGINS, SWAGGER_ENABLED, CAP_SERVER_URL. PWA: - manifest metadata, hand-rolled service worker (network-first nav, SWR assets, never intercepts /api,/socket.io,/collab), prod-only registration, apple-touch-icon. Capacitor: - capacitor.config.ts (webDir apps/client/dist; iOS via CAP_SERVER_URL to avoid bundling the AGPL client in the .ipa, see plan §9), cap:* scripts, deps, .gitignore for native dirs. - docs/mobile-bootstrap.md documenting what is done and the remaining manual steps (cap add ios/android, APNs/FCM, stores). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
339 lines
8.5 KiB
TypeScript
339 lines
8.5 KiB
TypeScript
import { Injectable } from '@nestjs/common';
|
|
import { ConfigService } from '@nestjs/config';
|
|
import ms, { StringValue } from 'ms';
|
|
|
|
@Injectable()
|
|
export class EnvironmentService {
|
|
constructor(private configService: ConfigService) {}
|
|
|
|
getNodeEnv(): string {
|
|
return this.configService.get<string>('NODE_ENV', 'development');
|
|
}
|
|
|
|
isDevelopment(): boolean {
|
|
return this.getNodeEnv() === 'development';
|
|
}
|
|
|
|
getAppUrl(): string {
|
|
const rawUrl =
|
|
this.configService.get<string>('APP_URL') ||
|
|
`http://localhost:${this.getPort()}`;
|
|
|
|
const { origin } = new URL(rawUrl);
|
|
return origin;
|
|
}
|
|
|
|
isHttps(): boolean {
|
|
const appUrl = this.configService.get<string>('APP_URL');
|
|
try {
|
|
const url = new URL(appUrl);
|
|
return url.protocol === 'https:';
|
|
} catch (error) {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
getSubdomainHost(): string {
|
|
return this.configService.get<string>('SUBDOMAIN_HOST');
|
|
}
|
|
|
|
getPort(): number {
|
|
return parseInt(this.configService.get<string>('PORT', '3000'));
|
|
}
|
|
|
|
getAppSecret(): string {
|
|
return this.configService.get<string>('APP_SECRET');
|
|
}
|
|
|
|
getDatabaseURL(): string {
|
|
return this.configService.get<string>('DATABASE_URL');
|
|
}
|
|
|
|
getDatabaseMaxPool(): number {
|
|
return parseInt(this.configService.get<string>('DATABASE_MAX_POOL', '10'));
|
|
}
|
|
|
|
getRedisUrl(): string {
|
|
return this.configService.get<string>(
|
|
'REDIS_URL',
|
|
'redis://localhost:6379',
|
|
);
|
|
}
|
|
|
|
getJwtTokenExpiresIn(): string {
|
|
return this.configService.get<string>('JWT_TOKEN_EXPIRES_IN', '90d');
|
|
}
|
|
|
|
getCookieExpiresIn(): Date {
|
|
const expiresInStr = this.getJwtTokenExpiresIn();
|
|
let msUntilExpiry: number;
|
|
try {
|
|
msUntilExpiry = ms(expiresInStr as StringValue);
|
|
} catch (err) {
|
|
msUntilExpiry = ms('90d');
|
|
}
|
|
return new Date(Date.now() + msUntilExpiry);
|
|
}
|
|
|
|
getGotenbergUrl(): string | undefined {
|
|
return this.configService.get<string>('GOTENBERG_URL');
|
|
}
|
|
|
|
getStorageDriver(): string {
|
|
return this.configService.get<string>('STORAGE_DRIVER', 'local');
|
|
}
|
|
|
|
getFileUploadSizeLimit(): string {
|
|
return this.configService.get<string>('FILE_UPLOAD_SIZE_LIMIT', '50mb');
|
|
}
|
|
|
|
getFileImportSizeLimit(): string {
|
|
return this.configService.get<string>('FILE_IMPORT_SIZE_LIMIT', '200mb');
|
|
}
|
|
|
|
getAwsS3AccessKeyId(): string {
|
|
return this.configService.get<string>('AWS_S3_ACCESS_KEY_ID');
|
|
}
|
|
|
|
getAwsS3SecretAccessKey(): string {
|
|
return this.configService.get<string>('AWS_S3_SECRET_ACCESS_KEY');
|
|
}
|
|
|
|
getAwsS3Region(): string {
|
|
return this.configService.get<string>('AWS_S3_REGION');
|
|
}
|
|
|
|
getAwsS3Bucket(): string {
|
|
return this.configService.get<string>('AWS_S3_BUCKET');
|
|
}
|
|
|
|
getAwsS3Endpoint(): string {
|
|
return this.configService.get<string>('AWS_S3_ENDPOINT');
|
|
}
|
|
|
|
getAwsS3ForcePathStyle(): boolean {
|
|
const forcePathStyle = this.configService
|
|
.get<string>('AWS_S3_FORCE_PATH_STYLE', 'false')
|
|
.toLowerCase();
|
|
return forcePathStyle === 'true';
|
|
}
|
|
|
|
getAwsS3Url(): string {
|
|
return this.configService.get<string>('AWS_S3_URL');
|
|
}
|
|
|
|
getAzureStorageAccountName(): string {
|
|
return this.configService.get<string>('AZURE_STORAGE_ACCOUNT_NAME');
|
|
}
|
|
|
|
getAzureStorageContainer(): string {
|
|
return this.configService.get<string>('AZURE_STORAGE_CONTAINER');
|
|
}
|
|
|
|
getAzureStorageAccountKey(): string {
|
|
return this.configService.get<string>('AZURE_STORAGE_ACCOUNT_KEY');
|
|
}
|
|
|
|
getAzureStorageEndpoint(): string {
|
|
return this.configService.get<string>('AZURE_STORAGE_ENDPOINT');
|
|
}
|
|
|
|
getAzureStorageUrl(): string {
|
|
return this.configService.get<string>('AZURE_STORAGE_URL');
|
|
}
|
|
|
|
getMailDriver(): string {
|
|
return this.configService.get<string>('MAIL_DRIVER', 'log');
|
|
}
|
|
|
|
getMailFromAddress(): string {
|
|
return this.configService.get<string>('MAIL_FROM_ADDRESS');
|
|
}
|
|
|
|
getMailFromName(): string {
|
|
return this.configService.get<string>('MAIL_FROM_NAME', 'Docmost');
|
|
}
|
|
|
|
getMailBlockedRecipientDomains(): string[] {
|
|
const raw = this.configService.get<string>(
|
|
'MAIL_BLOCKED_RECIPIENT_DOMAINS',
|
|
'',
|
|
);
|
|
return raw
|
|
.split(',')
|
|
.map((d) => d.trim().toLowerCase())
|
|
.filter(Boolean);
|
|
}
|
|
|
|
getSmtpHost(): string {
|
|
return this.configService.get<string>('SMTP_HOST');
|
|
}
|
|
|
|
getSmtpPort(): number {
|
|
return parseInt(this.configService.get<string>('SMTP_PORT'));
|
|
}
|
|
|
|
getSmtpSecure(): boolean {
|
|
const secure = this.configService
|
|
.get<string>('SMTP_SECURE', 'false')
|
|
.toLowerCase();
|
|
return secure === 'true';
|
|
}
|
|
|
|
getSmtpIgnoreTLS(): boolean {
|
|
const ignoretls = this.configService
|
|
.get<string>('SMTP_IGNORETLS', 'false')
|
|
.toLowerCase();
|
|
return ignoretls === 'true';
|
|
}
|
|
|
|
getSmtpUsername(): string {
|
|
return this.configService.get<string>('SMTP_USERNAME');
|
|
}
|
|
|
|
getSmtpPassword(): string {
|
|
return this.configService.get<string>('SMTP_PASSWORD');
|
|
}
|
|
|
|
getPostmarkToken(): string {
|
|
return this.configService.get<string>('POSTMARK_TOKEN');
|
|
}
|
|
|
|
getDrawioUrl(): string {
|
|
return this.configService.get<string>('DRAWIO_URL');
|
|
}
|
|
|
|
isCloud(): boolean {
|
|
const cloudConfig = this.configService
|
|
.get<string>('CLOUD', 'false')
|
|
.toLowerCase();
|
|
return cloudConfig === 'true';
|
|
}
|
|
|
|
isSelfHosted(): boolean {
|
|
return !this.isCloud();
|
|
}
|
|
|
|
isCompactPageTreeEnabled(): boolean {
|
|
const compactTree = this.configService
|
|
.get<string>('COMPACT_PAGE_TREE', 'true')
|
|
.toLowerCase();
|
|
return compactTree === 'true';
|
|
}
|
|
|
|
getStripePublishableKey(): string {
|
|
return this.configService.get<string>('STRIPE_PUBLISHABLE_KEY');
|
|
}
|
|
|
|
getStripeSecretKey(): string {
|
|
return this.configService.get<string>('STRIPE_SECRET_KEY');
|
|
}
|
|
|
|
getStripeWebhookSecret(): string {
|
|
return this.configService.get<string>('STRIPE_WEBHOOK_SECRET');
|
|
}
|
|
|
|
getBillingTrialDays(): number {
|
|
return parseInt(this.configService.get<string>('BILLING_TRIAL_DAYS', '14'));
|
|
}
|
|
|
|
getCollabUrl(): string {
|
|
return this.configService.get<string>('COLLAB_URL');
|
|
}
|
|
|
|
isCollabDisableRedis(): boolean {
|
|
const isStandalone = this.configService
|
|
.get<string>('COLLAB_DISABLE_REDIS', 'false')
|
|
.toLowerCase();
|
|
return isStandalone === 'true';
|
|
}
|
|
|
|
isDisableTelemetry(): boolean {
|
|
const disable = this.configService
|
|
.get<string>('DISABLE_TELEMETRY', 'false')
|
|
.toLowerCase();
|
|
return disable === 'true';
|
|
}
|
|
|
|
getPostHogHost(): string {
|
|
return this.configService.get<string>('POSTHOG_HOST');
|
|
}
|
|
|
|
getPostHogKey(): string {
|
|
return this.configService.get<string>('POSTHOG_KEY');
|
|
}
|
|
|
|
getSearchDriver(): string {
|
|
return this.configService
|
|
.get<string>('SEARCH_DRIVER', 'database')
|
|
.toLowerCase();
|
|
}
|
|
|
|
getTypesenseUrl(): string {
|
|
return this.configService
|
|
.get<string>('TYPESENSE_URL', 'http://localhost:8108')
|
|
.toLowerCase();
|
|
}
|
|
|
|
getTypesenseApiKey(): string {
|
|
return this.configService.get<string>('TYPESENSE_API_KEY');
|
|
}
|
|
|
|
getTypesenseLocale(): string {
|
|
return this.configService
|
|
.get<string>('TYPESENSE_LOCALE', 'en')
|
|
.toLowerCase();
|
|
}
|
|
|
|
// NOTE: AI_*/OPENAI_*/GEMINI_*/OLLAMA_* env getters were removed (D8/§14[M3]):
|
|
// provider/model/key config now lives solely in workspace settings +
|
|
// ai_provider_credentials, with no env fallback. APP_SECRET stays (getAppSecret).
|
|
|
|
getEventStoreDriver(): string {
|
|
return this.configService
|
|
.get<string>('EVENT_STORE_DRIVER', 'postgres')
|
|
.toLowerCase();
|
|
}
|
|
|
|
getClickHouseUrl(): string {
|
|
return this.configService.get<string>('CLICKHOUSE_URL');
|
|
}
|
|
|
|
getSamlDisableRequestedAuthnContext(): boolean {
|
|
const disabled = this.configService
|
|
.get<string>('SAML_DISABLE_REQUESTED_AUTHN_CONTEXT', 'false')
|
|
.toLowerCase();
|
|
return disabled === 'true';
|
|
}
|
|
|
|
isIframeEmbedAllowed(): boolean {
|
|
const allowed = this.configService
|
|
.get<string>('IFRAME_EMBED_ALLOWED', 'false')
|
|
.toLowerCase();
|
|
return allowed === 'true';
|
|
}
|
|
|
|
getIframeAllowedOrigins(): string[] {
|
|
const raw = this.configService.get<string>('IFRAME_ALLOWED_ORIGINS', '');
|
|
return raw
|
|
.split(',')
|
|
.map((o) => o.trim())
|
|
.filter(Boolean);
|
|
}
|
|
|
|
getCorsAllowedOrigins(): string[] {
|
|
const raw = this.configService.get<string>('CORS_ALLOWED_ORIGINS', '');
|
|
return raw
|
|
.split(',')
|
|
.map((o) => o.trim())
|
|
.filter(Boolean);
|
|
}
|
|
|
|
isSwaggerEnabled(): boolean {
|
|
const enabled = this.configService
|
|
.get<string>('SWAGGER_ENABLED', 'false')
|
|
.toLowerCase();
|
|
return enabled === 'true';
|
|
}
|
|
}
|