Made RackSslEnforcer configurable via the 'enforce_ssl' key in config.yml, turned off by default.

Nathan Broadbent
1 parent 085ef265
Showing 3 changed files with 10 additions and 3 deletions Show diff stats
config/application.rb
config/config.example.yml
config/initializers/ssl_enforcer.rb
@@ -15,9 +15,6 @@ Bundler.require(:default, Rails.env) if defined?(Bundler)
 module Errbit
   class Application < Rails::Application
-    
-    config.middleware.use Rack::SslEnforcer, :except => /^\/deploys/
-    
     # Settings in config/environments/* take precedence over those specified here.
     # Application configuration should go into files in config/initializers
     # -- all .rb files in that directory are automatically loaded.
@@ -11,6 +11,9 @@
 # The host of your errbit server
 host: errbit.example.com
+# Enforce SSL connections
+enforce_ssl: false
+
 # The email address which email notifications
 # will be sent from.
 email_from: errbit@example.com
@@ -0,0 +1,7 @@
+#
+# Enforce SSL connections, if configured
+if Errbit::Config.enforce_ssl
+  Errbit::Application.configure do
+    config.middleware.use Rack::SslEnforcer, :except => /^\/deploys/
+  end
+end
@@ -0,0 +1,7 @@		@@ -0,0 +1,7 @@
	1	+#
	2	+# Enforce SSL connections, if configured
	3	+if Errbit::Config.enforce_ssl
	4	+ Errbit::Application.configure do
	5	+ config.middleware.use Rack::SslEnforcer, :except => /^\/deploys/
	6	+ end
	7	+end