1 files changed, 36 insertions, 60 deletions

diff --git a/shim_app.py b/shim_app.py
index 0e8297b..7723233 100644
--- a/shim_app.py
+++ b/shim_app.py
@@ -35,12 +35,23 @@ from flask import (
 from auth_backend import AuthBackend, LocalMojicryptAuthBackend
 
 
-SESSION_TTL_SECONDS = int(os.getenv("SHIM_SESSION_TTL_SECONDS", "86400"))
-MAX_UPLOAD_BYTES = int(os.getenv("SHIM_MAX_UPLOAD_BYTES", str(1024 * 1024 * 1024)))
-MAX_EXTRACTED_BYTES = int(
-    os.getenv("SHIM_MAX_EXTRACTED_BYTES", str(2 * 1024 * 1024 * 1024))
-)
-MAX_EXTRACTED_FILES = int(os.getenv("SHIM_MAX_EXTRACTED_FILES", "20000"))
+# config
+APP_NAME = "shim"
+BIND_HOST = "0.0.0.0"
+PORT = 8585
+
+SESSION_TTL_SECONDS = 86400
+MAX_UPLOAD_BYTES = 1024 * 1024 * 1024
+MAX_EXTRACTED_BYTES = 2 * 1024 * 1024 * 1024
+MAX_EXTRACTED_FILES = 20000
+MAX_FORM_MEMORY_SIZE = 2 * 1024 * 1024
+
+SQLITE_TIMEOUT_SECONDS = 30.0
+SQLITE_BUSY_TIMEOUT_MS = 30000
+SQLITE_CACHE_SIZE_KIB = 32768
+SQLITE_MMAP_SIZE_BYTES = 256 * 1024 * 1024
+SQLITE_WAL_AUTOCHECKPOINT_PAGES = 1000
+
 SESSION_COOKIE = "shim_session"
 ACTIVE_SITE_COOKIE = "shim_active_site"
 MUTATING_METHODS = {"POST", "PUT", "PATCH", "DELETE"}
@@ -62,6 +73,7 @@ ROOT_ATTR_RE = re.compile(r"(?i)\b(href|src|action|poster)=([\"'])/([^\"']*)\2")
 CSS_URL_RE = re.compile(r"(?i)url\(\s*([\"']?)/([^\)'\"\s]+)\1\s*\)")
 
 
+# template configs
 SHELL_TEMPLATE = """<!doctype html>
 <html lang="en">
 <head>
@@ -389,7 +401,7 @@ DASHBOARD_BODY_TEMPLATE = """
 {% endif %}
 """
 
-
+# code and server logic
 @dataclass(frozen=True)
 class AppConfig:
     base_dir: Path
@@ -681,24 +693,6 @@ def find_site_root(extracted_dir: Path) -> Path:
     return candidates[0].parent
 
 
-def env_int(name: str, default: int, minimum: int) -> int:
-    raw = os.getenv(name, str(default)).strip()
-    try:
-        value = int(raw)
-    except ValueError:
-        value = default
-    return max(value, minimum)
-
-
-def env_float(name: str, default: float, minimum: float) -> float:
-    raw = os.getenv(name, str(default)).strip()
-    try:
-        value = float(raw)
-    except ValueError:
-        value = default
-    return max(value, minimum)
-
-
 def env_bool(name: str, default: bool) -> bool:
     raw = os.getenv(name, "true" if default else "false").strip().lower()
     if raw in {"1", "true", "yes", "on"}:
@@ -710,14 +704,10 @@ def env_bool(name: str, default: bool) -> bool:
 
 def create_app(base_dir: Optional[Path] = None) -> Flask:
     project_dir = Path(base_dir or Path(__file__).parent).resolve()
-    app_name = os.getenv("SHIM_APP_NAME", "shim").strip() or "shim"
+    app_name = APP_NAME
     db_path = project_dir / "data" / "shim.db"
     sites_dir = project_dir / "data" / "sites"
-    default_mojicrypt = project_dir / "vendor" / "mojicrypt"
-    mojicrypt_env = os.getenv("SHIM_MOJICRYPT_BIN", str(default_mojicrypt))
-    mojicrypt_bin = Path(mojicrypt_env).expanduser()
-    if not mojicrypt_bin.is_absolute():
-        mojicrypt_bin = (project_dir / mojicrypt_bin).resolve()
+    mojicrypt_bin = (project_dir / "vendor" / "mojicrypt").resolve()
 
     cfg = AppConfig(
         base_dir=project_dir,
@@ -725,8 +715,8 @@ def create_app(base_dir: Optional[Path] = None) -> Flask:
         db_path=db_path,
         sites_dir=sites_dir,
         mojicrypt_bin=mojicrypt_bin,
-        bind=os.getenv("SHIM_BIND", "0.0.0.0"),
-        port=int(os.getenv("SHIM_PORT", "8585")),
+        bind=BIND_HOST,
+        port=PORT,
     )
 
     cfg.db_path.parent.mkdir(parents=True, exist_ok=True)
@@ -734,29 +724,19 @@ def create_app(base_dir: Optional[Path] = None) -> Flask:
 
     app = Flask(__name__, static_folder=None)
     app.config["MAX_CONTENT_LENGTH"] = MAX_UPLOAD_BYTES
-    app.config["MAX_FORM_MEMORY_SIZE"] = int(
-        os.getenv("SHIM_MAX_FORM_MEMORY_SIZE", str(2 * 1024 * 1024))
-    )
-    app.config["SECRET_KEY"] = os.getenv("SHIM_SECRET_KEY", secrets.token_hex(32))
-    app.config["SHIM_PORT"] = cfg.port
-    app.config["SHIM_BIND"] = cfg.bind
-    app.config["SHIM_APP_NAME"] = cfg.app_name
-    app.config["SHIM_MOJICRYPT_BIN"] = str(cfg.mojicrypt_bin)
-
-    sqlite_timeout_seconds = env_float("SHIM_SQLITE_TIMEOUT_SECONDS", 30.0, 1.0)
-    sqlite_busy_timeout_ms = env_int("SHIM_SQLITE_BUSY_TIMEOUT_MS", 30000, 1000)
-    sqlite_cache_size_kib = env_int("SHIM_SQLITE_CACHE_SIZE_KIB", 32768, 4096)
-    sqlite_mmap_size_bytes = env_int(
-        "SHIM_SQLITE_MMAP_SIZE_BYTES", 256 * 1024 * 1024, 0
-    )
-    sqlite_wal_autocheckpoint_pages = env_int(
-        "SHIM_SQLITE_WAL_AUTOCHECKPOINT_PAGES", 1000, 100
-    )
-    enforce_app_request_guards = env_bool("SHIM_ENFORCE_APP_REQUEST_GUARDS", False)
-
-    cookie_secure_mode = os.getenv("SHIM_COOKIE_SECURE", "auto").strip().lower()
-    if cookie_secure_mode not in {"auto", "true", "false"}:
-        cookie_secure_mode = "auto"
+    app.config["MAX_FORM_MEMORY_SIZE"] = MAX_FORM_MEMORY_SIZE
+    app.config["SECRET_KEY"] = os.getenv("SECRET_KEY", secrets.token_hex(32))
+    app.config["PORT"] = cfg.port
+    app.config["BIND"] = cfg.bind
+    app.config["APP_NAME"] = cfg.app_name
+    app.config["MOJICRYPT_BIN"] = str(cfg.mojicrypt_bin)
+
+    sqlite_timeout_seconds = SQLITE_TIMEOUT_SECONDS
+    sqlite_busy_timeout_ms = SQLITE_BUSY_TIMEOUT_MS
+    sqlite_cache_size_kib = SQLITE_CACHE_SIZE_KIB
+    sqlite_mmap_size_bytes = SQLITE_MMAP_SIZE_BYTES
+    sqlite_wal_autocheckpoint_pages = SQLITE_WAL_AUTOCHECKPOINT_PAGES
+    enforce_app_request_guards = env_bool("ENFORCE_APP_REQUEST_GUARDS", False)
 
     def connect_db() -> sqlite3.Connection:
         conn = sqlite3.connect(str(cfg.db_path), timeout=sqlite_timeout_seconds)
@@ -848,10 +828,6 @@ def create_app(base_dir: Optional[Path] = None) -> Flask:
         )
 
     def cookie_secure_enabled() -> bool:
-        if cookie_secure_mode == "true":
-            return True
-        if cookie_secure_mode == "false":
-            return False
         if request.is_secure:
             return True
         xfp = request.headers.get("X-Forwarded-Proto", "")