cmd/server.go

@@ -51,9 +51,12 @@ func init() {
 	serverCmd.Flags().Int("server-port", 8080, "Port to run the webserver on (config: server.port)")
 	viper.BindPFlag("server.port", serverCmd.Flags().Lookup("server-port"))
 
-	// server.documents.location    -    --server-documents-location
-	serverCmd.Flags().String("server-documents-location", "us-east", "Storage bucket location (config: server.documents.location)")
-	viper.BindPFlag("server.documents.location", serverCmd.Flags().Lookup("server-documents-location"))
+	// Not currently used
+	/*
+		// server.documents.location    -    --server-documents-location
+		serverCmd.Flags().String("server-documents-location", "us-east", "Storage bucket location (config: server.documents.location)")
+		viper.BindPFlag("server.documents.location", serverCmd.Flags().Lookup("server-documents-location"))
+	*/
 
 	// server.documents.endpoint    -    --server-documents-endpoint
 	serverCmd.Flags().String("server-documents-endpoint", "minio:9000", "Storage server endpoint (config: server.documents.endpoint)")
@@ -87,11 +90,11 @@ func init() {
 	serverCmd.Flags().Bool("server-admin-auth", false, "Enable to allow basic authentication for /admin routes (config: server.admin.auth)")
 	viper.BindPFlag("server.admin.auth", serverCmd.Flags().Lookup("server-admin-auth"))
 
-	// server.admin.username    -    --server-frontend-username
+	// server.admin.username    -    --server-admin-username
 	serverCmd.Flags().String("server-admin-username", "", "Username for basic authentication for /admin routes (config: server.admin.username)")
 	viper.BindPFlag("server.admin.username", serverCmd.Flags().Lookup("server-admin-username"))
 
-	// server.admin.password    -    --server-frontend-password
+	// server.admin.password    -    --server-admin-password
 	serverCmd.Flags().String("server-admin-password", "", "Password for basic authentication for /admin routes (config: server.admin.password)")
 	viper.BindPFlag("server.admin.password", serverCmd.Flags().Lookup("server-admin-password"))
 }

examples/config/agecem-org.yaml

@@ -1,14 +1,66 @@
+# Server configuration
 server:
+  # Port on which to run the webserver
+  #
+  # Currently only opens to all interfaces, and exposes the
+  # html and REST API routes on the same port.
   port: 8080
+
   documents:
+    # Endpoint of the minio instance, without the protocol
+    #
+    # If deployed with docker-compose, specify minio's services.name
+    # (minio by default)
+    #
+    # If deployed elsewhere, specify minio's host ip or localhost if such is
+    # the case.
     endpoint: 'minio:9000'
+
+    # Turn on to specify that requests to minio should be done over https
+    #
+    # Recommended to be turned on if minio instance is exposed to a network
+    # that others have access to (i.e. not an isolated docker network)
     use_ssl: false
+
+    # Access credentials for minio instance.
+    #
+    # Can match either the initial credentials used during deployment of
+    # minio (.env for docker-compose) or credentials manually created in the minio instance.
+    #
+    # Change this to match your deployment
     access_key_id: 'agecem-org'
     secret_access_key: 'agecem-org'
+
+    # Which buckets are allowed to be manipulated in the minio instance by the application.
+    #
+    # Also used to specify which buckets are to be created on receiving a POST request on /v1/seed
     buckets:
       - 'proces-verbaux'
       - 'politiques-et-reglements'
+
   api:
-    # necessary for production use
+    # Enable or disable key auth on /v1 routes
+    #
+    # Recommended to be on in production
     auth: true 
+
+    # Key for authenticating to /v1 routes.
+    #
+    # Minimum 10 characters
+    #
+    # Change this in production
     key: 'agecem-org'
+
+  admin:
+    # Enable or disable basic auth on /admin routes
+    #
+    # Recommended to be on in production
+    auth: true
+
+    # Username and password for authenticating to /admin routes
+    #
+    # Minimum 5 characters for username and 10 characters for password
+    #
+    # Change this in production
+    username: 'agecem-org'
+    password: 'agecem-org'