2023-07-12 10:47:08 +03:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2023-07-13 10:36:07 +03:00
|
|
|
require "active_support/core_ext/integer/time"
|
|
|
|
|
2016-02-20 23:53:20 +02:00
|
|
|
Rails.application.configure do
|
|
|
|
# Settings specified here will take precedence over those in config/application.rb.
|
|
|
|
|
|
|
|
# Code is not reloaded between requests.
|
2023-10-25 16:56:09 +03:00
|
|
|
config.enable_reloading = false
|
2016-02-20 23:53:20 +02:00
|
|
|
|
|
|
|
# Eager load code on boot. This eager loads most of Rails and
|
|
|
|
# your application in memory, allowing both threaded web servers
|
|
|
|
# and those relying on copy on write to perform better.
|
|
|
|
# Rake tasks automatically ignore this option for performance.
|
|
|
|
config.eager_load = true
|
|
|
|
|
|
|
|
# Full error reports are disabled and caching is turned on.
|
|
|
|
config.consider_all_requests_local = false
|
2016-10-22 20:38:47 +03:00
|
|
|
config.action_controller.perform_caching = true
|
2018-10-12 03:19:10 +03:00
|
|
|
config.action_controller.asset_host = ENV['CDN_HOST'] if ENV['CDN_HOST'].present?
|
2016-02-20 23:53:20 +02:00
|
|
|
|
2023-10-25 16:56:09 +03:00
|
|
|
# Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment
|
|
|
|
# key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files).
|
2018-04-12 15:45:17 +03:00
|
|
|
# config.require_master_key = true
|
|
|
|
|
2023-07-13 10:36:07 +03:00
|
|
|
# Compress CSS using a preprocessor.
|
|
|
|
# config.assets.css_compressor = :sass
|
2017-05-09 06:15:54 +03:00
|
|
|
|
2016-02-20 23:53:20 +02:00
|
|
|
# Do not fallback to assets pipeline if a precompiled asset is missed.
|
|
|
|
config.assets.compile = false
|
|
|
|
|
2023-07-13 10:36:07 +03:00
|
|
|
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
|
|
|
|
# config.asset_host = "http://assets.example.com"
|
|
|
|
|
2016-02-20 23:53:20 +02:00
|
|
|
# Specifies the header that your server uses for sending files.
|
2023-03-16 03:55:13 +02:00
|
|
|
config.action_dispatch.x_sendfile_header = ENV['SENDFILE_HEADER'] if ENV['SENDFILE_HEADER'].present?
|
2023-07-13 10:36:07 +03:00
|
|
|
# config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
|
|
|
|
# config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
|
2016-02-20 23:53:20 +02:00
|
|
|
|
2017-01-22 21:35:49 +02:00
|
|
|
# Allow to specify public IP of reverse proxy if it's needed
|
2022-04-19 10:11:58 +03:00
|
|
|
config.action_dispatch.trusted_proxies = ENV['TRUSTED_PROXY_IP'].split(/(?:\s*,\s*|\s+)/).map { |item| IPAddr.new(item) } if ENV['TRUSTED_PROXY_IP'].present?
|
2017-01-22 21:35:49 +02:00
|
|
|
|
2023-07-13 10:36:07 +03:00
|
|
|
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
|
2021-03-24 11:44:31 +02:00
|
|
|
config.force_ssl = true
|
|
|
|
config.ssl_options = {
|
|
|
|
redirect: {
|
2023-11-08 14:01:18 +02:00
|
|
|
exclude: ->(request) { request.path.start_with?('/health') || request.headers["Host"].end_with?('.onion') || request.headers["Host"].end_with?('.i2p') }
|
2021-03-24 11:44:31 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-10-25 16:56:09 +03:00
|
|
|
# Info include generic and useful information about system operation, but avoids logging too much
|
|
|
|
# information to avoid inadvertent exposure of personally identifiable information (PII). If you
|
|
|
|
# want to log everything, set the level to "debug".
|
2017-04-12 00:28:23 +03:00
|
|
|
config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info').to_sym
|
2016-02-20 23:53:20 +02:00
|
|
|
|
|
|
|
# Prepend all log lines with the following tags.
|
2017-02-23 03:14:35 +02:00
|
|
|
config.log_tags = [:request_id]
|
2016-02-20 23:53:20 +02:00
|
|
|
|
2017-05-22 16:01:02 +03:00
|
|
|
# Use a different cache store in production.
|
2021-03-17 11:09:55 +02:00
|
|
|
config.cache_store = :redis_cache_store, REDIS_CACHE_PARAMS
|
2017-05-22 16:01:02 +03:00
|
|
|
|
2023-07-13 10:36:07 +03:00
|
|
|
# Use a real queuing backend for Active Job (and separate queues per environment).
|
|
|
|
# config.active_job.queue_adapter = :resque
|
|
|
|
# config.active_job.queue_name_prefix = "mastodon_production"
|
|
|
|
|
|
|
|
config.action_mailer.perform_caching = false
|
|
|
|
|
2016-02-20 23:53:20 +02:00
|
|
|
# Ignore bad email addresses and do not raise email delivery errors.
|
|
|
|
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
|
|
|
|
# config.action_mailer.raise_delivery_errors = false
|
|
|
|
|
|
|
|
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to
|
2018-03-20 17:36:20 +02:00
|
|
|
# English when a translation cannot be found).
|
2023-10-25 16:56:09 +03:00
|
|
|
# This setting would typically be `true` to use the `I18n.default_locale`.
|
|
|
|
# Some locales are missing translation entries and would have errors:
|
|
|
|
# https://github.com/mastodon/mastodon/pull/24727
|
2023-04-30 03:22:20 +03:00
|
|
|
config.i18n.fallbacks = [:en]
|
2016-02-20 23:53:20 +02:00
|
|
|
|
2023-10-25 16:56:09 +03:00
|
|
|
# Don't log any deprecations.
|
|
|
|
config.active_support.report_deprecations = false
|
2016-02-20 23:53:20 +02:00
|
|
|
|
|
|
|
# Use default logging formatter so that PID and timestamp are not suppressed.
|
|
|
|
config.log_formatter = ::Logger::Formatter.new
|
|
|
|
|
2016-09-08 02:24:26 +03:00
|
|
|
# Better log formatting
|
|
|
|
config.lograge.enabled = true
|
|
|
|
|
2019-08-18 19:03:56 +03:00
|
|
|
config.lograge.custom_payload do |controller|
|
|
|
|
if controller.respond_to?(:signed_request?) && controller.signed_request?
|
|
|
|
{ key: controller.signature_key_id }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2023-07-13 10:36:07 +03:00
|
|
|
# Use a different logger for distributed setups.
|
|
|
|
# require "syslog/logger"
|
|
|
|
# config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
|
|
|
|
|
2023-10-25 16:56:09 +03:00
|
|
|
# Log to STDOUT by default
|
|
|
|
config.logger = ActiveSupport::Logger.new(STDOUT)
|
|
|
|
.tap { |logger| logger.formatter = ::Logger::Formatter.new }
|
|
|
|
.then { |logger| ActiveSupport::TaggedLogging.new(logger) }
|
2023-07-13 10:36:07 +03:00
|
|
|
|
2016-02-20 23:53:20 +02:00
|
|
|
# Do not dump schema after migrations.
|
|
|
|
config.active_record.dump_schema_after_migration = false
|
2016-03-16 13:13:40 +02:00
|
|
|
|
2016-08-17 18:56:23 +03:00
|
|
|
config.action_mailer.perform_caching = false
|
|
|
|
|
2016-03-16 13:13:40 +02:00
|
|
|
# E-mails
|
2021-04-19 19:41:29 +03:00
|
|
|
outgoing_email_address = ENV.fetch('SMTP_FROM_ADDRESS', 'notifications@localhost')
|
2022-03-28 10:39:31 +03:00
|
|
|
outgoing_email_domain = Mail::Address.new(outgoing_email_address).domain
|
|
|
|
|
2019-09-02 19:12:40 +03:00
|
|
|
config.action_mailer.default_options = {
|
2021-04-19 19:41:29 +03:00
|
|
|
from: outgoing_email_address,
|
2022-03-28 10:39:31 +03:00
|
|
|
message_id: -> { "<#{Mail.random_tag}@#{outgoing_email_domain}>" },
|
2019-09-02 19:12:40 +03:00
|
|
|
}
|
2017-07-07 01:12:12 +03:00
|
|
|
|
2022-04-07 14:32:12 +03:00
|
|
|
config.action_mailer.default_options[:reply_to] = ENV['SMTP_REPLY_TO'] if ENV['SMTP_REPLY_TO'].present?
|
|
|
|
config.action_mailer.default_options[:return_path] = ENV['SMTP_RETURN_PATH'] if ENV['SMTP_RETURN_PATH'].present?
|
|
|
|
|
2022-11-10 22:06:21 +02:00
|
|
|
enable_starttls = nil
|
|
|
|
enable_starttls_auto = nil
|
|
|
|
|
2022-11-11 02:33:32 +02:00
|
|
|
case ENV['SMTP_ENABLE_STARTTLS']
|
2022-11-10 22:06:21 +02:00
|
|
|
when 'always'
|
|
|
|
enable_starttls = true
|
|
|
|
when 'never'
|
|
|
|
enable_starttls = false
|
|
|
|
when 'auto'
|
|
|
|
enable_starttls_auto = true
|
|
|
|
else
|
|
|
|
enable_starttls_auto = ENV['SMTP_ENABLE_STARTTLS_AUTO'] != 'false'
|
|
|
|
end
|
|
|
|
|
2016-03-16 13:13:40 +02:00
|
|
|
config.action_mailer.smtp_settings = {
|
2022-11-17 12:05:39 +02:00
|
|
|
port: ENV['SMTP_PORT'],
|
|
|
|
address: ENV['SMTP_SERVER'],
|
|
|
|
user_name: ENV['SMTP_LOGIN'].presence,
|
|
|
|
password: ENV['SMTP_PASSWORD'].presence,
|
|
|
|
domain: ENV['SMTP_DOMAIN'] || ENV['LOCAL_DOMAIN'],
|
|
|
|
authentication: ENV['SMTP_AUTH_METHOD'] == 'none' ? nil : ENV['SMTP_AUTH_METHOD'] || :plain,
|
|
|
|
ca_file: ENV['SMTP_CA_FILE'].presence || '/etc/ssl/certs/ca-certificates.crt',
|
|
|
|
openssl_verify_mode: ENV['SMTP_OPENSSL_VERIFY_MODE'],
|
|
|
|
enable_starttls: enable_starttls,
|
|
|
|
enable_starttls_auto: enable_starttls_auto,
|
|
|
|
tls: ENV['SMTP_TLS'].presence && ENV['SMTP_TLS'] == 'true',
|
|
|
|
ssl: ENV['SMTP_SSL'].presence && ENV['SMTP_SSL'] == 'true',
|
2023-03-03 21:37:22 +02:00
|
|
|
read_timeout: 20,
|
2016-03-16 13:13:40 +02:00
|
|
|
}
|
|
|
|
|
2017-04-13 20:51:49 +03:00
|
|
|
config.action_mailer.delivery_method = ENV.fetch('SMTP_DELIVERY_METHOD', 'smtp').to_sym
|
|
|
|
|
2017-03-04 00:45:48 +02:00
|
|
|
config.action_dispatch.default_headers = {
|
2023-10-03 16:24:12 +03:00
|
|
|
'Server' => 'Mastodon',
|
|
|
|
'X-Frame-Options' => 'DENY',
|
2017-03-04 00:45:48 +02:00
|
|
|
'X-Content-Type-Options' => 'nosniff',
|
2023-10-03 16:24:12 +03:00
|
|
|
'X-XSS-Protection' => '0',
|
2023-10-08 18:21:12 +03:00
|
|
|
'X-Clacks-Overhead' => 'GNU Natalie Nguyen',
|
2023-10-03 16:24:12 +03:00
|
|
|
'Referrer-Policy' => 'same-origin',
|
2017-03-04 00:45:48 +02:00
|
|
|
}
|
2018-03-04 21:28:24 +02:00
|
|
|
|
|
|
|
config.x.otp_secret = ENV.fetch('OTP_SECRET')
|
2023-10-25 16:56:09 +03:00
|
|
|
|
|
|
|
# Enable DNS rebinding protection and other `Host` header attacks.
|
|
|
|
# config.hosts = [
|
|
|
|
# "example.com", # Allow requests from example.com
|
|
|
|
# /.*\.example\.com/ # Allow requests from subdomains like `www.example.com`
|
|
|
|
# ]
|
|
|
|
# Skip DNS rebinding protection for the default health check endpoint.
|
|
|
|
# config.host_authorization = { exclude: ->(request) { request.path == "/up" } }
|
2016-02-20 23:53:20 +02:00
|
|
|
end
|