summaryrefslogtreecommitdiffstats
path: root/src/invidious.cr
diff options
context:
space:
mode:
Diffstat (limited to 'src/invidious.cr')
-rw-r--r--src/invidious.cr24
1 files changed, 24 insertions, 0 deletions
diff --git a/src/invidious.cr b/src/invidious.cr
index 1474fa40..9e4c3408 100644
--- a/src/invidious.cr
+++ b/src/invidious.cr
@@ -25,6 +25,7 @@ CONFIG = Config.from_yaml(File.read("config/config.yml"))
pool_size = CONFIG.pool_size
threads = CONFIG.threads
+redirect = CONFIG.redirect
Kemal.config.extra_options do |parser|
parser.banner = "Usage: invidious [arguments]"
@@ -44,6 +45,16 @@ Kemal.config.extra_options do |parser|
exit
end
end
+ parser.on("-r REDIRECT", "--redirect=BOOL", "Whether insecure requests should be forced to HTTPS, requires -s (default #{redirect})") do |boolean|
+ if boolean == "true"
+ redirect = true
+ elsif boolean == "false"
+ redirect = false
+ else
+ puts "REDIRECT must be 'true' or 'false'"
+ exit
+ end
+ end
end
Kemal::CLI.new
@@ -327,6 +338,19 @@ error 500 do |env|
templated "error"
end
+# Add redirect if SSL is enabled and redirect is enabled
+if Kemal.config.ssl && redirect
+ spawn do
+ server = HTTP::Server.new("0.0.0.0", 80) do |context|
+ context.response.headers.add "Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload"
+ context.response.headers.add "Location", "https://#{context.request.headers["Host"]}"
+ context.response.status_code = 302
+ end
+
+ server.listen
+ end
+end
+
static_headers do |response, filepath, filestat|
response.headers.add("Cache-Control", "max-age=86400")
end
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-17 21:56:40 +0000