Chore: Environment variable to force ssl (#561)

Fixes: #558 Co-authored-by: Pranav Raj S <pranavrajs@gmail.com>
2020-02-26 11:36:22 +05:30 · 2020-02-26 11:36:22 +05:30 · 74f8a35cfc
commit 74f8a35cfc
parent 1f158aa193
3 changed files with 4 additions and 2 deletions
--- a/.env.example
+++ b/.env.example
@ -1,4 +1,6 @@
 SECRET_KEY_BASE=
+# Force all access to the app over SSL, default is set to false
+FORCE_SSL=

 #redis config
 REDIS_URL=redis://redis:6379
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@ -39,7 +39,7 @@ Rails.application.configure do
  config.active_storage.service = ENV.fetch('ACTIVE_STORAGE_SERVICE', 'local').to_sym

  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-  # config.force_ssl = true
+  config.force_ssl = ENV.fetch('FORCE_SSL', false)

  # Use the lowest log level to ensure availability of diagnostic information
  # when problems arise.
--- a/config/environments/staging.rb
+++ b/config/environments/staging.rb
@ -40,7 +40,7 @@ Rails.application.configure do
  # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]

  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-  config.force_ssl = false
+  config.force_ssl = ENV.fetch('FORCE_SSL', false)

  # Use the lowest log level to ensure availability of diagnostic information
  # when problems arise.