furt/config/server.lua

-- config/server.lua
-- Multi-Tenant server configuration using nginx-style config parser
-- Dragons@Work Digital Sovereignty Project

local ConfigParser = require("src.config_parser")

-- Load configuration from furt.conf
local config = ConfigParser.load_config()

-- Configure rate limiting from config
local RateLimiter = require("src.rate_limiter")
local rate_limits = {
    api_key_max = config.security and config.security.rate_limit_api_key_max or 60,
    ip_max = config.security and config.security.rate_limit_ip_max or 100,
    window = config.security and config.security.rate_limit_window or 3600
}
RateLimiter:configure(rate_limits)

-- Parse CORS origins from config or environment
local function get_cors_origins()
    -- 1. Try config file first
    if config.server.cors_allowed_origins then
        local origins = {}
        for origin in config.server.cors_allowed_origins:gmatch("([^,]+)") do
            table.insert(origins, origin:match("^%s*(.-)%s*$"))
        end
        return origins
    end

    -- 2. Try environment variable
    local env_origins = os.getenv("CORS_ALLOWED_ORIGINS")
    if env_origins then
        local origins = {}
        for origin in env_origins:gmatch("([^,]+)") do
            table.insert(origins, origin:match("^%s*(.-)%s*$"))
        end
        return origins
    end

    -- 3. Development defaults
    return {
        "http://localhost:1313",      -- Hugo dev server
        "http://127.0.0.1:1313",     -- Hugo dev server alternative
        "http://localhost:3000",     -- Common dev port
        "http://127.0.0.1:3000"      -- Common dev port alternative
    }
end

-- Add legacy compatibility and runtime enhancements
local server_config = {
    -- HTTP Server settings (from [server] section)
    host = config.server.host,
    port = config.server.port,

    -- Timeouts and limits
    client_timeout = config.server.client_timeout or 10,

    -- CORS Configuration (prioritize config file over environment)
    cors = {
        allowed_origins = get_cors_origins()
    },

    -- Logging
    log_level = config.server.log_level or "info",
    log_requests = config.server.log_requests or true,

    -- Security settings
    security = {
        enable_test_endpoint = config.security and config.security.enable_test_endpoint or false,
        rate_limits = rate_limits
    },

    -- API Keys (converted from nginx-style to old format for backward compatibility)
    api_keys = config.api_keys,

    -- Default SMTP config (for legacy compatibility)
    mail = config.smtp_default,

    -- Multi-tenant mail configuration function
    get_mail_config_for_api_key = function(api_key)
        return ConfigParser.get_mail_config_for_api_key(config, api_key)
    end,

    -- Raw config access (for advanced usage)
    raw_config = config
}

-- Print configuration summary on load
print("Furt Multi-Tenant Configuration Loaded:")
print("  Server: " .. server_config.host .. ":" .. server_config.port)
print("  Log Level: " .. server_config.log_level)

-- Print CORS configuration
print("  CORS Origins:")
for i, origin in ipairs(server_config.cors.allowed_origins) do
    print("    " .. i .. ": " .. origin)
end

-- Print security configuration
print("  Test Endpoint: " .. (server_config.security.enable_test_endpoint and "enabled" or "disabled"))
print("  Default SMTP: " .. (config.smtp_default.host or "not configured"))

-- Print API key information
local api_key_count = 0
for key_name, key_config in pairs(config.api_keys) do
    api_key_count = api_key_count + 1

    -- Check if this API key has mail permissions
    local has_mail_permission = false
    if key_config.permissions then
        for _, perm in ipairs(key_config.permissions) do
            if perm == "mail:send" or perm == "*" then
                has_mail_permission = true
                break
            end
        end
    end

    local smtp_info = ""
    if key_config.mail_smtp_host then
        smtp_info = " (custom SMTP: " .. key_config.mail_smtp_host .. ")"
    end

    if has_mail_permission then
        print("  API Key: " .. key_config.name .. " -> " .. key_config.mail_to .. smtp_info)
    else
        print("  API Key: " .. key_config.name .. " (no mail)" .. smtp_info)
    end
end
print("  Total API Keys: " .. api_key_count)

return server_config