2025-06-17 20:40:40 +02:00
|
|
|
-- furt-lua/config/server.lua
|
|
|
|
|
-- Server configuration for Furt Lua HTTP-Server
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
-- HTTP Server settings
|
|
|
|
|
host = "127.0.0.1",
|
|
|
|
|
port = 8080,
|
|
|
|
|
|
|
|
|
|
-- Timeouts (seconds)
|
|
|
|
|
client_timeout = 10,
|
|
|
|
|
|
2025-06-24 19:42:44 +02:00
|
|
|
-- CORS Configuration
|
|
|
|
|
cors = {
|
|
|
|
|
-- Default allowed origins for development
|
|
|
|
|
-- Override in production with CORS_ALLOWED_ORIGINS environment variable
|
|
|
|
|
allowed_origins = (function()
|
|
|
|
|
local env_origins = os.getenv("CORS_ALLOWED_ORIGINS")
|
|
|
|
|
if env_origins then
|
|
|
|
|
-- Parse comma-separated list from environment
|
|
|
|
|
local origins = {}
|
|
|
|
|
for origin in env_origins:gmatch("([^,]+)") do
|
|
|
|
|
table.insert(origins, origin:match("^%s*(.-)%s*$")) -- trim whitespace
|
|
|
|
|
end
|
|
|
|
|
return origins
|
|
|
|
|
else
|
|
|
|
|
-- Default development origins
|
|
|
|
|
return {
|
|
|
|
|
"http://localhost:1313", -- Hugo dev server
|
|
|
|
|
"http://127.0.0.1:1313", -- Hugo dev server alternative
|
|
|
|
|
"http://localhost:3000", -- Common dev port
|
|
|
|
|
"http://127.0.0.1:3000" -- Common dev port alternative
|
|
|
|
|
}
|
|
|
|
|
end
|
|
|
|
|
end)()
|
|
|
|
|
},
|
|
|
|
|
|
2025-06-17 20:40:40 +02:00
|
|
|
-- Logging
|
|
|
|
|
log_level = "info",
|
|
|
|
|
log_requests = true,
|
|
|
|
|
|
2025-06-24 22:01:38 +02:00
|
|
|
-- API-Key-Authentifizierung (PRODUCTION READY)
|
2025-06-17 20:40:40 +02:00
|
|
|
api_keys = {
|
2025-06-24 22:01:38 +02:00
|
|
|
-- Hugo Frontend API-Key (für Website-Formulare)
|
|
|
|
|
[os.getenv("HUGO_API_KEY") or "hugo-dev-key-change-in-production"] = {
|
2025-06-17 20:40:40 +02:00
|
|
|
name = "Hugo Frontend",
|
|
|
|
|
permissions = {"mail:send"},
|
2025-06-24 22:01:38 +02:00
|
|
|
allowed_ips = {
|
|
|
|
|
"127.0.0.1", -- Localhost
|
|
|
|
|
"10.0.0.0/8", -- Private network
|
|
|
|
|
"192.168.0.0/16", -- Private network
|
|
|
|
|
"172.16.0.0/12" -- Private network
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
-- Admin API-Key (für Testing und Management)
|
|
|
|
|
[os.getenv("ADMIN_API_KEY") or "admin-dev-key-change-in-production"] = {
|
|
|
|
|
name = "Admin Access",
|
|
|
|
|
permissions = {"*"}, -- All permissions
|
|
|
|
|
allowed_ips = {
|
|
|
|
|
"127.0.0.1", -- Local only for admin
|
|
|
|
|
"10.0.0.0/8" -- Internal network
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
-- Optional: Monitoring API-Key (nur Health-Checks)
|
|
|
|
|
[os.getenv("MONITORING_API_KEY") or "monitoring-dev-key"] = {
|
|
|
|
|
name = "Monitoring Service",
|
|
|
|
|
permissions = {"monitoring:health"},
|
|
|
|
|
allowed_ips = {
|
|
|
|
|
"127.0.0.1",
|
|
|
|
|
"10.0.0.0/8",
|
|
|
|
|
"172.16.0.0/12"
|
|
|
|
|
}
|
2025-06-17 20:40:40 +02:00
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
-- Mail configuration (for SMTP integration)
|
|
|
|
|
mail = {
|
2025-06-19 09:52:15 +02:00
|
|
|
smtp_server = os.getenv("SMTP_HOST") or "mail.dragons-at-work.de",
|
|
|
|
|
smtp_port = tonumber(os.getenv("SMTP_PORT")) or 465,
|
2025-06-17 20:40:40 +02:00
|
|
|
use_ssl = true,
|
2025-06-19 09:52:15 +02:00
|
|
|
username = os.getenv("SMTP_USERNAME"),
|
|
|
|
|
password = os.getenv("SMTP_PASSWORD"),
|
|
|
|
|
from_address = os.getenv("SMTP_FROM") or "noreply@dragons-at-work.de",
|
|
|
|
|
to_address = os.getenv("SMTP_TO") or "michael@dragons-at-work.de"
|
2025-06-17 20:40:40 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
