From 442527c8e30da4e87c6c5b9437d7f1f153391449 Mon Sep 17 00:00:00 2001
From: Jannik Streek <jannik.streek@gmail.com>
Date: Wed, 1 Jan 2025 17:19:21 +0100
Subject: [PATCH] make configurable in runtime

---
 config/prod.exs    | 28 ----------------------------
 config/runtime.exs | 30 ++++++++++++++++++++++++++++++
 2 files changed, 30 insertions(+), 28 deletions(-)

diff --git a/config/prod.exs b/config/prod.exs
index 8e692c6c..489abfde 100644
--- a/config/prod.exs
+++ b/config/prod.exs
@@ -23,34 +23,6 @@ end
 
 config :mindwendel, :s3_storage_provider, Mindwendel.Services.S3ObjectStorageService
 
-force_ssl = System.get_env("FORCE_SSL", "true") == "true"
-
-config :mindwendel, MindwendelWeb.Endpoint,
-  # This configuration ensures / enforces ssl requests sent to this mindwendel instance.
-  # See https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-compile-time-configuration
-  #
-  # Note:
-  # This configuration also supports deploying mindwendel behind a reverse proxy (load balancer).
-  # For this to work, we tell the Phoenix endpoint Configuration (Plug.SSL) to parse the proper protocol from the x-forwarded-* header.
-  # See https://hexdocs.pm/plug/Plug.SSL.html#module-x-forwarded
-  # See https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-compile-time-configuration
-  force_ssl: [
-    hsts: force_ssl,
-    rewrite_on: [
-      :x_forwarded_host,
-      :x_forwarded_port,
-      :x_forwarded_proto
-    ]
-  ],
-  http: [
-    transport_options: [
-      socket_opts: [
-        :inet6
-      ]
-    ]
-  ],
-  secret_key_base: secret_key_base
-
 # Do not print debug messages in production
 config :logger, level: :info
 
diff --git a/config/runtime.exs b/config/runtime.exs
index 49725821..b647dbbf 100644
--- a/config/runtime.exs
+++ b/config/runtime.exs
@@ -228,3 +228,33 @@ if feature_file_upload and (config_env() == :prod || config_env() == :dev) do
     secret_access_key: System.fetch_env!("OBJECT_STORAGE_PASSWORD")
   )
 end
+
+if config_env() == :prod do
+  force_ssl = System.get_env("FORCE_SSL", "true") == "true"
+
+  config :mindwendel, MindwendelWeb.Endpoint,
+    # This configuration ensures / enforces ssl requests sent to this mindwendel instance.
+    # See https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-compile-time-configuration
+    #
+    # Note:
+    # This configuration also supports deploying mindwendel behind a reverse proxy (load balancer).
+    # For this to work, we tell the Phoenix endpoint Configuration (Plug.SSL) to parse the proper protocol from the x-forwarded-* header.
+    # See https://hexdocs.pm/plug/Plug.SSL.html#module-x-forwarded
+    # See https://hexdocs.pm/phoenix/Phoenix.Endpoint.html#module-compile-time-configuration
+    force_ssl: [
+      hsts: force_ssl,
+      rewrite_on: [
+        :x_forwarded_host,
+        :x_forwarded_port,
+        :x_forwarded_proto
+      ]
+    ],
+    http: [
+      transport_options: [
+        socket_opts: [
+          :inet6
+        ]
+      ]
+    ],
+    secret_key_base: secret_key_base
+end