init-environment.js

import os from 'os';
import path from 'path';

const COMPANY = 'companydir';
const APP = 'appdir';

export const getDefaultDataPath = (env = process.env, useOS = os.platform()) => {
  switch (useOS) {
    case 'win32':
      return path.join(env.PROGRAMDATA || 'C:/ProgramData', `${COMPANY}/${APP}/`);
    case 'darwin': // MacOS
      return `/Library/Application Support/${COMPANY}/${APP}/`;
    case 'linux':
    case 'aix':
    case 'freebsd':
    case 'openbsd':
    case 'sunos':
    default:
      return `/var/lib/${COMPANY}/${APP}/`;
  }
};

export const getConfig = (env = process.env, useOS = os.platform()) => {
  /**
   * Baseline options from environment variables
   *
   * `APP_SECRET` the secret to use for aes-256-ctr encryption
   * `APP_DATA_PATH` the full path to the sqlite database file to use.
   * `APP_PASSCHECK_URL` [optional] the base url to use for compromized passphrase range checking, must match haveibeenpwnd api, will use the live API by default.
   * `APP_KEY_PVT` or `APP_KEY_PATH_PVT` - PEM format
   * `APP_KEY_PUB` or `APP_KEY_PATH_PUB` - PEM format
   * `APP_KEY_PVT_SECRET` secret for pvt key, fallback to `APP_SECRET` or default
   */

  const {
    APP_SECRET,
    APP_DATA_PATH,
    APP_PASSCHECK_URL,
    APP_KEY_PVT,
    APP_KEY_PUB,
    APP_KEY_PATH_PVT,
    APP_KEY_PATH_PUB,
    APP_KEY_PVT_SECRET,
  } = env;

  const dataPath = APP_DATA_PATH || getDefaultDataPath(env, useOS);
  const config = {
    data: dataPath,
    secret: APP_SECRET || '12345_is_a_bad_passphrase',
    dbPath: path.join(dataPath, `${APP}.db`),
    pubKey: APP_KEY_PUB,
    pvtKey: APP_KEY_PVT,
    pvtKeySecret: APP_KEY_PVT_SECRET || APP_SECRET || '12345_is_a_bad_passphrase',
    pubKeyPath: APP_KEY_PATH_PUB,
    pvtKeyPath: APP_KEY_PATH_PVT,
    passcheckUrl: APP_PASSCHECK_URL || 'https://api.pwnedpasswords.com/range/',
  };
  return config;
};

export let config = getConfig();

export default config;