This repository has been archived by the owner on Apr 7, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 12
/
Copy pathindex.js
94 lines (82 loc) · 3.08 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
/**
* Camino API, le cadastre minier numérique ouvert
*
* This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
require('dotenv').config()
const path = require('path')
const express = require('express')
const history = require('connect-history-api-fallback')
const compression = require('compression')
const { createProxyMiddleware } = require('http-proxy-middleware')
const { version } = require('./package.json')
const app = express()
const port = process.env.PORT
const apiUrl = process.env.API_URL
const apiMatomoUrl = process.env.API_MATOMO_URL
const typeformUrl = '*.typeform.com'
const staticFileMiddleware = express.static(path.join(__dirname, 'dist'), {
setHeaders: (res, path, stat) => {
res.set({
'Content-Security-Policy': `default-src 'none'; script-src 'self' ${apiMatomoUrl} ${typeformUrl}; style-src 'self' ${typeformUrl}; object-src 'self'; frame-src 'self' ${typeformUrl}; connect-src 'self' ${apiUrl} sentry.io ${apiMatomoUrl}; img-src data: 'self' a.tile.openstreetmap.org b.tile.openstreetmap.org c.tile.openstreetmap.org a.tile.openstreetmap.fr b.tile.openstreetmap.fr c.tile.openstreetmap.fr geoservices.brgm.fr wxs.ign.fr datacarto.geoguyane.fr; base-uri 'none'; form-action 'self'; frame-ancestors 'none';`,
'X-Frame-Options': 'DENY',
'X-Content-Type-Options': 'nosniff',
'X-XSS-Protection': '1; mode=block',
'Access-Control-Allow-Origin': '*',
'Referrer-Policy': 'same-origin'
})
}
})
app.use(
'/apiUrl',
createProxyMiddleware({
target: apiUrl,
changeOrigin: true,
pathRewrite: { '^/apiUrl': '' }
})
)
app.use(
'/televersement',
createProxyMiddleware({
target: apiUrl,
changeOrigin: true
})
)
app.use('/sentryOptions', (req, res) =>
res.json({
dsn: process.env.API_SENTRY_URL,
environment: process.env.ENV
})
)
app.use('/matomoOptions', (req, res) =>
res.json({
host: apiMatomoUrl,
siteId: process.env.API_MATOMO_ID
})
)
const sendVersion = context => {
const headers = {
'Content-Type': 'text/event-stream',
Connection: 'keep-alive',
'Cache-Control': 'no-cache'
}
context.writeHead(200, headers)
context.write(`id: ${Date.now()}\n`)
context.write(`event: version\n`)
context.write(`data: ${version}\n\n`)
}
app.get('/stream/version', async (req, res) => {
sendVersion(res)
})
app.use(compression())
app.use('/', staticFileMiddleware)
app.use('/', history())
// https://stackoverflow.com/a/52327421/2112538
app.use('/', staticFileMiddleware)
app.listen(port, () => {
console.info(`Server: ${port}`)
})