From 67fc55af93c32d8e0efef6ccfe8ab1070e36549c Mon Sep 17 00:00:00 2001
From: Christian Paul <christianp@matrix.org>
Date: Fri, 13 Jan 2023 16:39:34 +0100
Subject: [PATCH] Change URL protocol in the ocumentation and sample configs to
 HTTPS (#623)

* Config: Use variables for similar values
* Configs and Documentation: http -> https, except for localhost
---
 changelog.d/623.doc      |  1 +
 config.sample.yml        |  4 ++--
 docs/advanced/widgets.md |  2 +-
 docs/setup/jira.md       |  4 ++--
 src/Config/Defaults.ts   | 21 ++++++++++++---------
 5 files changed, 18 insertions(+), 14 deletions(-)
 create mode 100644 changelog.d/623.doc

diff --git a/changelog.d/623.doc b/changelog.d/623.doc
new file mode 100644
index 00000000..5e389d15
--- /dev/null
+++ b/changelog.d/623.doc
@@ -0,0 +1 @@
+Change URL protocol in the ocumentation and sample configs to HTTPS.
diff --git a/config.sample.yml b/config.sample.yml
index 2122e3e1..2cf86367 100644
--- a/config.sample.yml
+++ b/config.sample.yml
@@ -5,7 +5,7 @@ bridge:
   #
   domain: example.com
   url: http://localhost:8008
-  mediaUrl: http://example.com
+  mediaUrl: https://example.com
   port: 9993
   bindAddress: 127.0.0.1
 github:
@@ -154,7 +154,7 @@ widgets:
     - fec0::/10
   roomSetupWidget:
     addOnInvite: false
-  publicUrl: http://example.com/widgetapi/v1/static/
+  publicUrl: https://example.com/widgetapi/v1/static/
   branding:
     widgetTitle: Hookshot Configuration
 permissions:
diff --git a/docs/advanced/widgets.md b/docs/advanced/widgets.md
index ec3da2ff..73575b80 100644
--- a/docs/advanced/widgets.md
+++ b/docs/advanced/widgets.md
@@ -39,7 +39,7 @@ widgets:
 #     - 2001:db8::/32
 #     - ff00::/8
 #     - fec0::/10
-  publicUrl: http://example.com/widgetapi/v1/static
+  publicUrl: https://example.com/widgetapi/v1/static
   branding:
     widgetTitle: Hookshot Configuration
   openIdOverrides:
diff --git a/docs/setup/jira.md b/docs/setup/jira.md
index ceb91f1c..57f83e65 100644
--- a/docs/setup/jira.md
+++ b/docs/setup/jira.md
@@ -74,7 +74,7 @@ To begin, configure your `config.yml`:
 
 ```yaml
 jira:
-  url: http://yourjirainstance.com # The location of your jira instance.
+  url: https://yourjirainstance.com # The location of your jira instance.
   webhook:
     # A secret string generated by you.
     secret: Ieph7iecheiThoo1othaineewieSh1koh2chainohtooyoh4waht1oetoaSoh6oh
@@ -98,7 +98,7 @@ To start with, set up your JIRA instance to support OAuth.
    1. The Application Name can be anything, but for simplicty we usually use `matrix-hookshot`
    2. The Application Type should be **Generic Application**
    3. The Consumer key, and shared secret can be any string, they are not used.
-   4. The URLs can be any URL, they are not used (e.g. `http://example.com`)
+   4. The URLs can be any URL, they are not used (e.g. `https://example.com`)
    5. Ensure you enable **Create incoming link**
    6. Click **Continue**
 6. On the next step:
diff --git a/src/Config/Defaults.ts b/src/Config/Defaults.ts
index da0985e7..db9959cc 100644
--- a/src/Config/Defaults.ts
+++ b/src/Config/Defaults.ts
@@ -5,11 +5,14 @@ import { Node, YAMLSeq } from "yaml/types";
 import { randomBytes } from "crypto";
 import { DefaultDisallowedIpRanges } from "matrix-appservice-bridge";
 
+const serverName = "example.com";
+const hookshotWebhooksUrl = "https://example.com";
+
 export const DefaultConfig = new BridgeConfig({
     bridge: {
-        domain: "example.com",
+        domain: serverName,
         url: "http://localhost:8008",
-        mediaUrl: "http://example.com",
+        mediaUrl: "https://example.com",
         port: 9993,
         bindAddress: "127.0.0.1",
     },
@@ -25,7 +28,7 @@ export const DefaultConfig = new BridgeConfig({
         timestampFormat: "HH:mm:ss:SSS",
     },
     permissions: [{
-        actor: "example.com",
+        actor: serverName,
         services: [{
             service: "*",
             level: "admin"
@@ -33,7 +36,7 @@ export const DefaultConfig = new BridgeConfig({
     }],
     passFile: "passkey.pem",
     widgets: {
-        publicUrl: "http://example.com/widgetapi/v1/static",
+        publicUrl: `${hookshotWebhooksUrl}/widgetapi/v1/static`,
         addToAdminRooms: false,
         roomSetupWidget: {
             addOnInvite: false,
@@ -64,7 +67,7 @@ export const DefaultConfig = new BridgeConfig({
         oauth: {
             client_id: "foo",
             client_secret: "bar",
-            redirect_uri: "https://example.com/bridge_oauth/",
+            redirect_uri: `${hookshotWebhooksUrl}/bridge_oauth/`,
         },
         webhook: {
             secret: "secrettoken",
@@ -85,7 +88,7 @@ export const DefaultConfig = new BridgeConfig({
         },
         webhook: {
             secret: "secrettoken",
-            publicUrl: "https://example.com/hookshot/"
+            publicUrl: `${hookshotWebhooksUrl}/hookshot/`,
         },
         userIdPrefix: "_gitlab_",
     },
@@ -96,19 +99,19 @@ export const DefaultConfig = new BridgeConfig({
         oauth: {
             client_id: "foo",
             client_secret: "bar",
-            redirect_uri: "https://example.com/bridge_oauth/",
+            redirect_uri: `${hookshotWebhooksUrl}/bridge_oauth/`,
         },
     },
     generic: {
         allowJsTransformationFunctions: false,
         enabled: false,
         enableHttpGet: false,
-        urlPrefix: "https://example.com/webhook/",
+        urlPrefix: `${hookshotWebhooksUrl}/webhook/`,
         userIdPrefix: "_webhooks_",
         waitForComplete: false,
     },
     figma: {
-        publicUrl: "https://example.com/hookshot/",
+        publicUrl: `${hookshotWebhooksUrl}/hookshot/`,
         instances: {
             "your-instance": {
                 teamId: "your-team-id",