mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-28 02:18:50 +00:00
af431c0a6f
- [x] All configs should support ENV variable overrides over DB values
- [ ] ~Adding a new field to DB value should automatically write ENV
config to DB on app boot (so that we don't need migrations)~
- [x] Validate configs and report human-readable errors when something
is wrong, telling where it's invalid (eg. env key X) and what's wrong
with it
- [x] Reuse Changeset validations (we still have a DB schema and UI
form, and want to make sure it's valid)
- [x] Auto-generate docs
- [x] Merge `Config` and `Configurations` into one `Config` context
- [x] Lock out UI fields for configurations when there is an ENV
override
- [x] Lock out corresponding REST API configuration field if overridden
via ENV var
- [x] Log a warning when deprecated legacy var is used
- [x] Document precedence: ENV -> Legacy ENV -> File -> DB
- [x] Change type to `inet[]` for `configurations.{default_client_dns,
default_client_allowed_ips}`, `devices.{dns, allowed_ips}`,
- [x] Drop `EctoNetwork` dep
- [x] `s/phoenix_port/phoenix_http_port` because it doesn't configure
HTTPS server
- [x] Do not load DB configs when config can be resolved from other
sources
Maybe:
- [ ] ~Auto-generate Ecto types to automatically cast/dump values
to/from DB~
- [ ] Allow JSON file config source
- [x] DB-related configs will not be validated?
Closes #1162
Closes #1313
Closes #1374
Closes #1432
69 lines
2.1 KiB
Elixir
69 lines
2.1 KiB
Elixir
import Config
|
|
|
|
config :fz_http, FzHttpWeb.Endpoint,
|
|
http: [port: 13000],
|
|
debug_errors: true,
|
|
code_reloader: true,
|
|
check_origin: ["//127.0.0.1", "//localhost"],
|
|
watchers: [
|
|
node: ["esbuild.js", "dev", cd: Path.expand("../apps/fz_http/assets", __DIR__)]
|
|
],
|
|
live_reload: [
|
|
patterns: [
|
|
~r"apps/fz_http/priv/static/.*(js|css|png|jpeg|jpg|gif|svg)$",
|
|
~r"apps/fz_http/priv/gettext/.*(po)$",
|
|
~r"apps/fz_http/lib/fz_http_web/(live|views)/.*(ex)$",
|
|
~r"apps/fz_http/lib/fz_http_web/templates/.*(eex)$"
|
|
]
|
|
]
|
|
|
|
###############################
|
|
##### FZ Firewall configs #####
|
|
###############################
|
|
|
|
get_egress_interface = fn ->
|
|
egress_interface_cmd =
|
|
case :os.type() do
|
|
{:unix, :darwin} -> "netstat -rn -finet | grep '^default' | awk '{print $NF;}'"
|
|
{_os_family, _os_name} -> "route | grep '^default' | grep -o '[^ ]*$'"
|
|
end
|
|
|
|
System.cmd("/bin/sh", ["-c", egress_interface_cmd], stderr_to_stdout: true)
|
|
|> elem(0)
|
|
|> String.trim()
|
|
end
|
|
|
|
egress_interface = System.get_env("EGRESS_INTERFACE") || get_egress_interface.()
|
|
|
|
{fz_wall_cli_module, _} =
|
|
Code.eval_string(System.get_env("FZ_WALL_CLI_MODULE", "FzWall.CLI.Sandbox"))
|
|
|
|
config :fz_wall,
|
|
nft_path: System.get_env("NFT_PATH", "nft"),
|
|
egress_interface: egress_interface,
|
|
cli: fz_wall_cli_module
|
|
|
|
###############################
|
|
##### FZ VPN configs ##########
|
|
###############################
|
|
|
|
config :fz_vpn,
|
|
wg_adapter: FzVpn.Interface.WGAdapter.Sandbox,
|
|
supervised_children: [FzVpn.Interface.WGAdapter.Sandbox, FzVpn.Server, FzVpn.StatsPushService]
|
|
|
|
###############################
|
|
##### Third-party configs #####
|
|
###############################
|
|
|
|
# Do not include metadata nor timestamps in development logs
|
|
config :logger, :console, format: "[$level] $message\n"
|
|
|
|
# Set a higher stacktrace during development. Avoid configuring such
|
|
# in production as building large stacktraces may be expensive.
|
|
config :phoenix, :stacktrace_depth, 20
|
|
|
|
# Initialize plugs at runtime for faster development compilation
|
|
config :phoenix, :plug_init_mode, :runtime
|
|
|
|
config :fz_http, FzHttpWeb.Mailer, adapter: Swoosh.Adapters.Local
|