Use env vars for TLS files

2025-09-05 18:27:46 +02:00
parent a7d22e6634
commit c727b5032c
2 changed files with 7 additions and 5 deletions
--- a/src/configuration.rs
+++ b/src/configuration.rs
@@ -61,6 +61,7 @@ pub struct Settings {
    pub database: DatabaseSettings,
    pub email_client: EmailClientSettings,
    pub redis_uri: SecretString,
+    pub require_tls: bool,
 }

 #[derive(Clone, Deserialize)]
@@ -69,7 +70,6 @@ pub struct ApplicationSettings {
    pub port: u16,
    pub host: String,
    pub base_url: String,
-    pub require_tls: bool,
 }

 #[derive(Clone, Deserialize)]
--- a/src/startup.rs
+++ b/src/startup.rs
@@ -62,14 +62,16 @@ impl Application {
            configuration.application.base_url,
            redis_store,
        );
-        let tls_config = if configuration.application.require_tls {
+        let tls_config = if configuration.require_tls {
            Some(
                RustlsConfig::from_pem_file(
-                    "/home/alphonse/.certs/fullchain.pem",
-                    "/home/alphonse/.certs/privkey.pem",
+                    std::env::var("APP_TLS_CERT")
+                        .expect("Failed to read TLS certificate environment variable"),
+                    std::env::var("APP_TLS_KEY")
+                        .expect("Feiled to read TLS private key environment variable"),
                )
                .await
-                .unwrap(),
+                .expect("Could not create TLS configuration"),
            )
        } else {
            None