ash_hq/config/prod.exs

import Config

# For production, don't forget to configure the url host
# to something meaningful, Phoenix uses this information
# when generating URLs.
#
# Note we also include the path to a cache manifest
# containing the digested version of static files. This
# manifest is generated by the `mix phx.digest` task,
# which you should run after static files are built and
# before starting your production server.
config :ash_hq, AshHqWeb.Endpoint,
  force_ssl: [rewrite_on: [:x_forwarded_proto]],
  cache_static_manifest: "priv/static/cache_manifest.json"

# Do not print debug messages in production
config :logger, level: :info

# ## SSL Support
#
# To get SSL working, you will need to add the `https` key
# to the previous section and set your `:url` port to 443:
#
#     config :ash_hq, AshHqWeb.Endpoint,
#       ...,
#       url: [host: "example.com", port: 443],
#       https: [
#         ...,
#         port: 443,
#         cipher_suite: :strong,
#         keyfile: System.get_env("SOME_APP_SSL_KEY_PATH"),
#         certfile: System.get_env("SOME_APP_SSL_CERT_PATH")
#       ]
#
# The `cipher_suite` is set to `:strong` to support only the
# latest and more secure SSL ciphers. This means old browsers
# and clients may not be supported. You can set it to
# `:compatible` for wider support.
#
# `:keyfile` and `:certfile` expect an absolute path to the key
# and cert in disk or a relative path inside priv, for example
# "priv/ssl/server.key". For all supported SSL configuration
# options, see https://hexdocs.pm/plug/Plug.SSL.html#configure/1
#
# We also recommend setting `force_ssl` in your endpoint, ensuring
# no data is ever sent via http, always redirecting to https:
#
#     config :ash_hq, AshHqWeb.Endpoint,
#       force_ssl: [hsts: true]
#
# Check `Plug.SSL` for all available options in `force_ssl`.

config :ash_hq, AshHq.Mailer, adapter: Swoosh.Adapters.Postmark
config :swoosh, :api_client, Swoosh.ApiClient.Finch

config :plug_content_security_policy,
  nonces_for: [:script_src],
  directives: %{
    img_src: ~w('self' data data:)
  }
init 2022-03-21 17:43:24 +13:00			`import Config`

			`# For production, don't forget to configure the url host`
			`# to something meaningful, Phoenix uses this information`
			`# when generating URLs.`
			`#`
			`# Note we also include the path to a cache manifest`
			`# containing the digested version of static files. This`
			# manifest is generated by the `mix phx.digest` task,
			`# which you should run after static files are built and`
			`# before starting your production server.`
WIP 2022-04-01 14:29:58 +13:00			`config :ash_hq, AshHqWeb.Endpoint,`
			`force_ssl: [rewrite_on: [:x_forwarded_proto]],`
			`cache_static_manifest: "priv/static/cache_manifest.json"`
init 2022-03-21 17:43:24 +13:00
			`# Do not print debug messages in production`
			`config :logger, level: :info`

			`# ## SSL Support`
			`#`
			# To get SSL working, you will need to add the `https` key
			# to the previous section and set your `:url` port to 443:
			`#`
			`# config :ash_hq, AshHqWeb.Endpoint,`
			`# ...,`
			`# url: [host: "example.com", port: 443],`
			`# https: [`
			`# ...,`
			`# port: 443,`
			`# cipher_suite: :strong,`
			`# keyfile: System.get_env("SOME_APP_SSL_KEY_PATH"),`
			`# certfile: System.get_env("SOME_APP_SSL_CERT_PATH")`
			`# ]`
			`#`
			# The `cipher_suite` is set to `:strong` to support only the
			`# latest and more secure SSL ciphers. This means old browsers`
			`# and clients may not be supported. You can set it to`
			# `:compatible` for wider support.
			`#`
			# `:keyfile` and `:certfile` expect an absolute path to the key
			`# and cert in disk or a relative path inside priv, for example`
			`# "priv/ssl/server.key". For all supported SSL configuration`
			`# options, see https://hexdocs.pm/plug/Plug.SSL.html#configure/1`
			`#`
			# We also recommend setting `force_ssl` in your endpoint, ensuring
			`# no data is ever sent via http, always redirecting to https:`
			`#`
			`# config :ash_hq, AshHqWeb.Endpoint,`
			`# force_ssl: [hsts: true]`
			`#`
			# Check `Plug.SSL` for all available options in `force_ssl`.
improvement: copy over example with auth to ash-hq 2022-08-06 14:08:23 +12:00
fix: set up api client for swoosh 2022-08-06 15:45:49 +12:00			`config :ash_hq, AshHq.Mailer, adapter: Swoosh.Adapters.Postmark`
			`config :swoosh, :api_client, Swoosh.ApiClient.Finch`
improvement: get a build set up improvement: fix lint/security issues improvement: add CSP improvement: remove currently unnecessary/old code 2022-08-07 11:22:58 +12:00
			`config :plug_content_security_policy,`
			`nonces_for: [:script_src],`
			`directives: %{`
			`img_src: ~w('self' data data:)`
			`}`