redirectHTTPToHTTPSDeprecation handles deprecation of the --tls-redirect-http-to-https flag and "related" environment variables. --tls-redirect-http-to-https used to default to true. It made more sense to have the redirect be opt-in. Also, for a while we have been accepting the environment variabl
(ctx context.Context, logger slog.Logger, inv *serpent.Invocation, cfg *codersdk.DeploymentValues)
| 2913 | // corresponding flag!) "CODER_TLS_REDIRECT_HTTP", and it appeared in a configuration |
| 2914 | // example, so we keep accepting it to not break backward compat. |
| 2915 | func redirectHTTPToHTTPSDeprecation(ctx context.Context, logger slog.Logger, inv *serpent.Invocation, cfg *codersdk.DeploymentValues) { |
| 2916 | truthy := func(s string) bool { |
| 2917 | b, err := strconv.ParseBool(s) |
| 2918 | if err != nil { |
| 2919 | return false |
| 2920 | } |
| 2921 | return b |
| 2922 | } |
| 2923 | if truthy(inv.Environ.Get("CODER_TLS_REDIRECT_HTTP")) || |
| 2924 | truthy(inv.Environ.Get("CODER_TLS_REDIRECT_HTTP_TO_HTTPS")) || |
| 2925 | inv.ParsedFlags().Changed("tls-redirect-http-to-https") { |
| 2926 | logger.Warn(ctx, "⚠️ --tls-redirect-http-to-https is deprecated, please use --redirect-to-access-url instead") |
| 2927 | cfg.RedirectToAccessURL = cfg.TLS.RedirectHTTP |
| 2928 | } |
| 2929 | } |
| 2930 | |
| 2931 | // ReadExternalAuthProvidersFromEnv is provided for compatibility purposes with |
| 2932 | // the viper CLI. |