Add DSIABLE_SSL env option
`assume_ssl` and `force_ssl` are often used together: - When running behind a terminating proxy (including Thruster) you'll want both. - When running without SSL (like on localhost) you'll want neither. To simplify setup for those cases, we add the `DISABLE_SSL` option. When set to `true` all SSL-related behaviour is turned off. When left as the default, it's on. We can still use `ASSUME_SSL` and `FORCE_SSL` to set those separately if required.
This commit is contained in:
@@ -60,12 +60,15 @@ Rails.application.configure do
|
|||||||
# config.action_cable.url = "wss://example.com/cable"
|
# config.action_cable.url = "wss://example.com/cable"
|
||||||
# config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
|
# config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
|
||||||
|
|
||||||
|
# Set DISABLE_SSL=true to disable all SSL options, rather than specify each individually
|
||||||
|
ssl_enabled = "true" unless ENV["DISABLE_SSL"] == "true"
|
||||||
|
|
||||||
# Assume all access to the app is happening through a SSL-terminating reverse proxy.
|
# Assume all access to the app is happening through a SSL-terminating reverse proxy.
|
||||||
# Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies.
|
# Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies.
|
||||||
config.assume_ssl = ENV.fetch("ASSUME_SSL", "true") == "true"
|
config.assume_ssl = ENV.fetch("ASSUME_SSL", ssl_enabled) == "true"
|
||||||
|
|
||||||
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
|
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
|
||||||
config.force_ssl = ENV.fetch("FORCE_SSL", "true") == "true"
|
config.force_ssl = ENV.fetch("FORCE_SSL", ssl_enabled) == "true"
|
||||||
|
|
||||||
# Log to STDOUT by default
|
# Log to STDOUT by default
|
||||||
config.logger = ActiveSupport::Logger.new(STDOUT)
|
config.logger = ActiveSupport::Logger.new(STDOUT)
|
||||||
|
|||||||
Reference in New Issue
Block a user