-
Notifications
You must be signed in to change notification settings - Fork 0
/
config.clj
135 lines (120 loc) · 5.54 KB
/
config.clj
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
(ns andrewslai.clj.init.config
(:require [andrewslai.clj.api.authorization :as auth]
[andrewslai.clj.http-api.andrewslai :as andrewslai]
[andrewslai.clj.http-api.auth.buddy-backends :as bb]
[andrewslai.clj.http-api.middleware :as mw]
[andrewslai.clj.http-api.virtual-hosting :as vh]
[andrewslai.clj.http-api.wedding :as wedding]
[andrewslai.clj.persistence.filesystem.s3-impl :as s3-storage]
[andrewslai.clj.persistence.filesystem.url-utils :as url-utils]
[andrewslai.clj.persistence.rdbms.embedded-h2-impl :as embedded-h2]
[andrewslai.clj.persistence.rdbms.embedded-postgres-impl :as embedded-pg]
[andrewslai.clj.persistence.rdbms.live-pg :as live-pg]
[next.jdbc :as next]
[taoensso.timbre :as log]))
(defn configure-port
[env]
(Integer/parseInt (get env "ANDREWSLAI_PORT" "5000")))
(defn configure-keycloak
[env]
(-> {:realm (get env "ANDREWSLAI_AUTH_REALM")
:auth-server-url (get env "ANDREWSLAI_AUTH_URL")
:client-id (get env "ANDREWSLAI_AUTH_CLIENT")
:client-secret (get env "ANDREWSLAI_AUTH_SECRET")
:ssl-required "external"
:confidential-port 0}
(bb/keycloak-backend)))
(defn configure-auth
"Is OAUTH is disabled, always authenticate as a user with `wedding` access"
[env]
(case (get env "ANDREWSLAI_AUTH_TYPE" "keycloak")
"keycloak" (configure-keycloak env)
"none" (bb/authenticated-backend {:name "Test User"
:realm_access {:roles ["wedding" "andrewslai"]}})))
(defn configure-logging
[env]
(merge log/*config* {:min-level (keyword (get env "ANDREWSLAI_LOG_LEVEL" "info"))}))
(defn configure-database
[env]
(case (get env "ANDREWSLAI_DB_TYPE" "postgres")
"postgres" (next/get-datasource (live-pg/pg-conn env))
"embedded-postgres" (embedded-pg/fresh-db!)
"embedded-h2" (embedded-h2/fresh-db!)))
(defn configure-wedding-storage
[env]
(s3-storage/map->S3 {:bucket (get env "ANDREWSLAI_WEDDING_BUCKET" "andrewslai-wedding")
:creds s3-storage/CustomAWSCredentialsProviderChain}))
(defn configure-andrewslai-storage
[env]
(s3-storage/map->S3 {:bucket (get env "ANDREWSLAI_BUCKET" "andrewslai")
:creds s3-storage/CustomAWSCredentialsProviderChain}))
(def public-access (constantly true))
(defn configure-andrewslai-access
[_env]
[{:pattern #"^/admin.*"
:handler (partial auth/require-role "andrewslai")}
{:request-method :put
:pattern #"^/articles/.*"
:handler (partial auth/require-role "andrewslai")}
{:pattern #"^/$"
:handler public-access}
{:pattern #"^/index.html$"
:handler public-access}
{:pattern #"^/ping"
:handler public-access}
#_{:pattern #"^/.*"
:handler (constantly false)}
])
(defn configure-wedding-access
[_env]
[{:pattern #"^/media.*"
:handler (partial auth/require-role "wedding")}
{:pattern #"^/albums.*"
:handler (partial auth/require-role "wedding")}])
(defn add-andrewslai-middleware
([andrewslai-components]
(add-andrewslai-middleware andrewslai-components {}))
([{:keys [storage] :as andrewslai-components} env]
(let [sc (case (get env "ANDREWSLAI_STATIC_CONTENT_TYPE" "none")
"s3" (mw/classpath-static-content-stack "" {:prefer-handler? true
:loader (url-utils/filesystem-loader storage)})
"local" (mw/file-static-content-stack (get env "ANDREWSLAI_STATIC_CONTENT_FOLDER" "resources/public") {})
"none" identity)]
(assoc andrewslai-components
:http-mw
(comp mw/standard-stack
sc
(mw/auth-stack andrewslai-components))))))
(defn add-wedding-middleware
([wedding-components]
(add-wedding-middleware wedding-components {}))
([{:keys [storage] :as wedding-components} env]
(assoc wedding-components
:http-mw (comp mw/standard-stack
(mw/classpath-static-content-stack ""
{:prefer-handler? true
:loader (url-utils/filesystem-loader storage)})
(mw/auth-stack wedding-components)))))
(defn configure-from-env
[env]
(let [auth-backend (configure-auth env)
database (configure-database env)]
(-> {:port (configure-port env)
:andrewslai {:auth auth-backend
:access-rules (configure-andrewslai-access env)
:database database
:storage (configure-andrewslai-storage env)}
:wedding {:auth auth-backend
:access-rules (configure-wedding-access env)
:database database
:storage (configure-wedding-storage env)
:logging (configure-logging env)}}
(update :wedding add-wedding-middleware env)
(update :andrewslai add-andrewslai-middleware env))))
(defn configure-http-handler
[{:keys [andrewslai wedding] :as components}]
(vh/host-based-routing
{#"caheriaguilar.and.andrewslai.com" {:priority 0
:app (wedding/wedding-app wedding)}
#".*" {:priority 100
:app (andrewslai/andrewslai-app andrewslai)}}))