From aa8715447656f7718f0ca4d495223f9968a5e002 Mon Sep 17 00:00:00 2001
From: James Smith <james@floppy.org.uk>
Date: Tue, 18 Jun 2024 12:08:42 +0100
Subject: [PATCH] Add env option to force SSL-only connections

---
 config/environments/production.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/environments/production.rb b/config/environments/production.rb
index b62257d61..5735697ff 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -46,7 +46,7 @@
   # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
 
   # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-  # config.force_ssl = true
+  config.force_ssl = (ENV.fetch("HTTPS_ONLY", nil) === "enabled")
 
   # Include generic and useful information about system operation, but avoid logging too much
   # information to avoid inadvertent exposure of personally identifiable information (PII).