From 9b3d6d55246912efe01f09d2f01cbe17a5ef1211 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Sat, 20 Apr 2024 19:31:21 +0200
Subject: send headers from config.toml

---
 fly.toml        |  2 --
 nix/default.nix |  3 +++
 server.go       | 35 ++++++++++++++++++++++++-----------
 3 files changed, 27 insertions(+), 13 deletions(-)

diff --git a/fly.toml b/fly.toml
index 35f3750..3207d07 100644
--- a/fly.toml
+++ b/fly.toml
@@ -31,8 +31,6 @@ primary_region = "ams"
     soft_limit = 15000
 [http_service.http_options.response]
   pristine = true
-[http_service.http_options.response.headers]
-  Strict-Transport-Security = "max-age=31536000; includeSubdomains; preload"
 [[http_service.checks]]
   grace_period = "15s"
   interval = "30s"
diff --git a/nix/default.nix b/nix/default.nix
index cd62ebf..2032013 100644
--- a/nix/default.nix
+++ b/nix/default.nix
@@ -10,6 +10,9 @@ let
     pkgs.dockerTools.${type} {
       name = "registry.fly.io/alanpearce-eu";
       tag = dockerTag;
+      contents = [
+        (pkgs.writeTextDir "config.toml" (builtins.readFile ./../config.toml))
+      ];
       config = {
         Cmd = [ "${server}/bin/website" ];
         Env = [
diff --git a/server.go b/server.go
index 69dca43..d107028 100644
--- a/server.go
+++ b/server.go
@@ -49,16 +49,20 @@ var fs embed.FS
 var Commit string
 
 func main() {
-	config := Config{}
-	if help, err := conf.Parse("", &config); err != nil {
+	runtimeConfig := Config{}
+	if help, err := conf.Parse("", &runtimeConfig); err != nil {
 		if errors.Is(err, conf.ErrHelpWanted) {
 			fmt.Println(help)
 			os.Exit(1)
 		}
-		log.Panicf("parsing config: %v", err)
+		log.Panicf("parsing runtime configuration: %v", err)
+	}
+	config, err := cfg.GetConfig("config.toml")
+	if err != nil {
+		log.Panicf("parsing configuration file: %v", err)
 	}
 
-	err := sentry.Init(sentry.ClientOptions{
+	err = sentry.Init(sentry.ClientOptions{
 		Dsn:         os.Getenv("SENTRY_DSN"),
 		Release:     os.Getenv("FLY_MACHINE_VERSION"),
 		Environment: os.Getenv("ENV"),
@@ -100,6 +104,15 @@ func main() {
 
 	website.Use(prometheus.Middleware)
 	website.Use(fibersentry.New(fibersentry.Config{}))
+	website.Use(func(c *fiber.Ctx) error {
+		for k, v := range config.Extra.Headers {
+			c.Set(k, v)
+		}
+		if c.Secure() {
+			c.Set("Strict-Transport-Security", "max-age=31536000; includeSubdomains; preload")
+		}
+		return c.Next()
+	})
 
 	website.Use(compress.New())
 	website.Use(cache.New(cache.Config{
@@ -132,17 +145,17 @@ func main() {
 		MaxAge:             int((24 * time.Hour).Seconds()),
 	}))
 	website.Use(notFoundHandler)
-	hosts[config.BaseURL.Host] = &Host{website}
+	hosts[runtimeConfig.BaseURL.Host] = &Host{website}
 
 	toplevel := fiber.New(fiber.Config{
-		DisableStartupMessage: config.Production,
+		DisableStartupMessage: runtimeConfig.Production,
 		ServerHeader:          fmt.Sprintf("website (%s)", Commit),
 	})
 	toplevel.Get("/health", func(c *fiber.Ctx) error {
 		return c.SendStatus(fiber.StatusOK)
 	})
 	var logWriter io.Writer
-	if config.Production {
+	if runtimeConfig.Production {
 		logWriter = law.NewWriteAsyncer(os.Stdout, nil)
 	} else {
 		logWriter = os.Stdout
@@ -156,10 +169,10 @@ func main() {
 	toplevel.Use(func(c *fiber.Ctx) error {
 		host := hosts[c.Hostname()]
 		if host == nil {
-			if config.RedirectOtherHostnames {
-				return c.Redirect(config.BaseURL.JoinPath(c.OriginalURL()).String())
+			if runtimeConfig.RedirectOtherHostnames {
+				return c.Redirect(runtimeConfig.BaseURL.JoinPath(c.OriginalURL()).String())
 			} else {
-				hosts[config.BaseURL.Host].Fiber.Handler()(c.Context())
+				hosts[runtimeConfig.BaseURL.Host].Fiber.Handler()(c.Context())
 				return nil
 			}
 		} else {
@@ -172,5 +185,5 @@ func main() {
 		err := metricServer.Listen(":9091")
 		log.Printf("failed to start metrics server: %v", err)
 	}()
-	log.Fatal(toplevel.Listen(fmt.Sprintf("%s:%d", "", config.Port)))
+	log.Fatal(toplevel.Listen(fmt.Sprintf("%s:%d", "", runtimeConfig.Port)))
 }
-- 
cgit 1.4.1