Eugen Rochko
f90a6f8d8c
Add back a cleaner and leaner .env.production.sample ( #14206 )
4 years ago
Eugen Rochko
42d2f45db1
Remove the terms blacklist and whitelist from UX ( #14149 )
...
Localization strings:
- "Whitelist mode" -> "Limited federation mode"
- "Blacklist e-mail domain" -> "Block e-mail domain"
- "Whitelist domain" -> "Allow domain for federation"
...And so on
Environment variables (backwards-compatible):
- `WHITELIST_MODE` -> `LIMITED_FEDERATION_MODE`
- `EMAIL_DOMAIN_BLACKLIST` -> `EMAIL_DOMAIN_DENYLIST`
- `EMAIL_DOMAIN_WHITELIST` -> `EMAIL_DOMAIN_ALLOWLIST`
tootctl:
- `tootctl domains purge --whitelist-mode` -> `tootctl domains purge --limited-federation-mode`
Removed badly maintained and no longer relevant .env.production.sample file
4 years ago
Denis Teyssier
221cd364b6
Updated docker-compose snippet to a working one ( #13196 )
...
added 'bundle exec' before rake
5 years ago
ThibG
f5236fe95a
Document AUTHORIZED_FETCH mode and WHITELIST_MODE ( #12856 )
...
* Document AUTHORIZED_FETCH mode and WHITELIST_MODE
* Replace extended description with a link to the online docs
5 years ago
Aries
9e6149ff63
Fix sample SAML_ACS_URL, SAML_ISSUER ( #12669 )
5 years ago
Mathieu Brunot
128a7ab7eb
✨ Add an LDAP Mail attribute config ( #12053 )
...
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
5 years ago
Mathieu Brunot
462788cb12
✨ Convert LDAP username ( #12461 )
...
* ✨ Convert LDAP username #12021
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
* 🐛 Fix conversion var use
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
* 🐛 Fix LDAP uid conversion test
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
* 👌 Remove comments with ref to PR
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
* 👌 Remove unnecessary paranthesis
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
* 🔧 Move space in conversion string
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
5 years ago
Mathieu Brunot
966e7fe7de
Remove quotes in `LDAP_SEARCH_FILTER` example ( #12019 )
5 years ago
Yamagishi Kazutoshi
71ff422997
Add config of multipart threshold for S3 ( #11924 )
5 years ago
Hugo Gameiro
3cd3cb6a41
Add SMTP reply_to option ( #11718 )
...
* Add SMTP_REPLY_TO in .env.production.sample
* Set reply_to in SMTP options
5 years ago
Stanislas
9767db2a6b
Add ES_PREFIX in .env.production.sample ( #10087 )
6 years ago
M Somerville
4b27569841
Rename S3_CLOUDFRONT_HOST to S3_ALIAS_HOST. ( #8423 )
...
Still check for S3_CLOUDFRONT_HOST for existing installs.
6 years ago
Immae
cbaabe0215
Add ldap search filter ( #8151 )
6 years ago
MIYAGI Hikaru
ac56fa3c22
Merge `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into `ALLOW_ACCESS_TO_HIDDEN_SERVICE` ( #7901 )
...
If Mastodon accesses to the hidden service via transparent proxy, it's needed to avoid checking whether it's a private address, since `.onion` is resolved to a private address.
I was previously using the `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` to provide that function. However, I realized that using `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` is redundant, since this specification is always used with `ALLOW_ACCESS_TO_HIDDEN_SERVICE`. Therefore, I decided to integrate the setting of `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into` ALLOW_ACCESS_TO_HIDDEN_SERVICE`.
6 years ago
Akihiko Odaki
0cb1524dc1
Cache attachments on external host with service worker ( #7493 )
7 years ago
Hugo Gameiro
27cfb13b83
Improve OpenStack v3 compatibility ( #7392 )
...
* Update paperclip.rb
* Update .env.production.sample
* Update paperclip.rb
7 years ago
MIYAGI Hikaru
28808f638e
HTTP proxy support for outgoing request, manage access to hidden service ( #7134 )
...
* Add support for HTTP client proxy
* Add access control for darknet
Supress error when access to darknet via transparent proxy
* Fix the codes pointed out
* Lint
* Fix an omission + lint
* any? -> include?
* Change detection method to regexp to avoid test fail
7 years ago
Akihiko Odaki
aec3ebab81
Document CORS requirement for asset host ( #6941 )
7 years ago
Alexander
af08f6042d
rename pam email environment variable to something more understandable and default to LOCAL_DOMAIN (better fallback) ( #6833 )
7 years ago
Eugen Rochko
8b18784116
Adjust suggested ES host in .env sample for docker-compose config ( #6710 )
7 years ago
Effy Elden
4a8046df66
Add additional first_name and last_name SAML attribute statement options, and modify Omniauthable concern to use full_name or first_name + last_name if not available ( #6669 )
7 years ago
Alexander
988f6505e4
fix logic for pam_controlled_service ( #6599 )
7 years ago
Eugen Rochko
35b45a5c11
Add LDAP options to .env.production.sample ( #6592 )
7 years ago
Eugen Rochko
f35356609b
Ensure the app does not even start if OTP_SECRET is not set ( #6557 )
...
* Ensure the app does not even start if OTP_SECRET is not set
* Remove PAPERCLIP_SECRET (it's not used by anything, actually)
Imports are for internal consumption and the url option isn't even
used correctly, so we can remove the hash stuff from them
7 years ago
Eugen Rochko
b5105e6898
Fix #6536 ( #6558 )
7 years ago
Ghislain Loaec
d1806f5dc4
New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML strategies) ( #6540 )
7 years ago
Alexander
32cc2d8c9b
Update pam documentation ( #6518 )
...
* document pam email extraction
* remove superfluous newline
7 years ago
Ghislain Loaec
deea524052
New env variable: SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED + fixes #6533 ( #6538 )
7 years ago
Eugen Rochko
7ca5a06505
Full-text search for authorized statuses ( #6423 )
...
* Add full-text search for authorized statuses
- Search API will return statuses that match the query
- Only for logged in users
- Only if you are author of the status,
- Or you were mentioned in it
- Or you favourited or reblogged it
- Configuration over `ES_ENABLED`, `ES_HOST`, `ES_PORT`, `ES_PREFIX`
- Run `rails chewy:deploy` to create & populate index
Fix #5880
Fix #4293
Fix #1152
* Add commented out docker-compose configuration for ES container
* Optimize index import, filter search results
* Add basic normalization to the index
* Add better stemming and normalization to the index
* Skip webfinger request if search query includes both @ and a space
* Fix code style
* Visually separate search result sections
* Fix code style issues
7 years ago
Eugen Rochko
555e7205da
Make PAM gem optional, allow configuration over environment ( #6415 )
7 years ago
Eugen Rochko
5322013f25
CAS + SAML authentication feature ( #6425 )
...
* Cas authentication feature
* Config
* Remove class_eval + Omniauth initializer
* Codeclimate review
* Codeclimate review 2
* Codeclimate review 3
* Remove uid/email reconciliation
* SAML authentication
* Clean up code
* Improve login form
* Fix code style issues
* Add locales
7 years ago
nightpool
e921778dd3
enforce LOCAL_HTTPS=true in production ( #6061 )
...
* enforce https in production
* note changes in production env sample
* typo fix
7 years ago
Nolan Lawson
1e65921ed8
Document REDIS_NAMESPACE ( #5038 )
7 years ago
Patrick Figel
759bbdd9ca
Add OpenStack Keystone V3 support ( #4889 )
...
Keystone V2 is deprecated in favour of V3. This adds the necessary
connection parameters for establishing a V3 connection. Connections
to V2 endpoints are still possible and the configuration should
remain compatible.
This also introduces a SWIFT_REGION variable for multi-region
OpenStack environments and a SWIFT_CACHE_TTL that controls how long
tokens and other meta-data is cached for. Caching tokens avoids
rate-limiting errors that would result in media uploads becoming
unavailable during high load or when using tasks like
media:remove_remote. fog-openstack only supports token caching for
V3 endpoints, so a recommendation for using V3 was added.
7 years ago
Yamagishi Kazutoshi
85909a8b22
Add environment sample for OpenStack Swift ( #4816 )
7 years ago
Treyssat-Vincent Nino
57e50aa023
comment correction ( #4812 )
7 years ago
ScienJus
ea264f848f
Show SMTP_TLS in config sample ( #4477 )
7 years ago
Yamagishi Kazutoshi
7be29a500d
Add Rake task for generate VAPID key ( #4195 )
...
* Add Rake task for generate VAPID key
* edit config/initializers/vapid.rb
7 years ago
Sorin Davidoi
ecab38fd66
Web Push Notifications ( #3243 )
...
* feat: Register push subscription
* feat: Notify when mentioned
* feat: Boost, favourite, reply, follow, follow request
* feat: Notification interaction
* feat: Handle change of public key
* feat: Unsubscribe if things go wrong
* feat: Do not send normal notifications if push is enabled
* feat: Focus client if open
* refactor: Move push logic to WebPushSubscription
* feat: Better title and body
* feat: Localize messages
* chore: Fix lint errors
* feat: Settings
* refactor: Lazy load
* fix: Check if push settings exist
* feat: Device-based preferences
* refactor: Simplify logic
* refactor: Pull request feedback
* refactor: Pull request feedback
* refactor: Create /api/web/push_subscriptions endpoint
* feat: Spec PushSubscriptionController
* refactor: WebPushSubscription => Web::PushSubscription
* feat: Spec Web::PushSubscription
* feat: Display first media attachment
* feat: Support direction
* fix: Stuff broken while rebasing
* refactor: Integration with session activations
* refactor: Cleanup
* refactor: Simplify implementation
* feat: Set VAPID keys via environment
* chore: Comments
* fix: Crash when no alerts
* fix: Set VAPID keys in testing environment
* fix: Follow link
* feat: Notification actions
* fix: Delete previous subscription
* chore: Temporary logs
* refactor: Move migration to a later date
* fix: Fetch the correct session activation and misc bugs
* refactor: Move migration to a later date
* fix: Remove follow request (no notifications)
* feat: Send administrator contact to push service
* feat: Set time-to-live
* fix: Do not show sensitive images
* fix: Reducer crash in error handling
* feat: Add badge
* chore: Fix lint error
* fix: Checkbox label overlap
* fix: Check for payload support
* fix: Rename action "type" (crash in latest Chrome)
* feat: Action to expand notification
* fix: Lint errors
* fix: Unescape notification body
* fix: Do not allow boosting if the status is hidden
* feat: Add VAPID keys to the production sample environment
* fix: Strip HTML tags from status
* refactor: Better error messages
* refactor: Handle browser not implementing the VAPID protocol (Samsung Internet)
* fix: Error when target_status is nil
* fix: Handle lack of image
* fix: Delete reference to invalid subscriptions
* feat: Better error handling
* fix: Unescape HTML characters after tags are striped
* refactor: Simpify code
* fix: Modify to work with #4091
* Sort strings alphabetically
* i18n: Updated Polish translation
it annoys me that it's not fully localized :P
* refactor: Use current_session in PushSubscriptionController
* fix: Rebase mistake
* fix: Set cacheName to mastodon
* refactor: Pull request feedback
* refactor: Remove logging statements
* chore(yarn): Fix conflicts with master
* chore(yarn): Copy latest from master
* chore(yarn): Readd offline-plugin
* refactor: Use save! and update!
* refactor: Send notifications async
* fix: Allow retry when push fails
* fix: Save track for failed pushes
* fix: Minify sw.js
* fix: Remove account_id from fabricator
7 years ago
Chris
d388b5af3f
added 'https://' to CDN_HOST variable example ( #3446 )
8 years ago
Immae
ae917bfb23
Allow alternate domains for mastodon handlers ( #3187 )
8 years ago
Wonderfall
8b954737b8
Some Dockerfile improvements ( #3182 )
...
- improve docker_entrypoint.sh
- serve static files with puma by default
- sort packages list
- use virtual package for build deps
- show how to assign UID/GID
8 years ago
Audun Larsen
2aa05dc765
Adds better documentation to LOCAL_DOMAIN and LOCAL_HTTPS ( #3149 )
...
Fixes #2254
8 years ago
Jarek Lipski
4557bf1255
Improve example env file for local Postfix relay ( #2892 )
8 years ago
ThibG
02500e3f64
Add additional documentation and warnings to the WEB_DOMAIN setting. ( #2386 )
...
* Add additional documentation and warnings to the WEB_DOMAIN setting.
This feature is largely undocumented, and quite a number of users have
shot them in the feet already despite the warning. Added a bit of documentation
and expanded the warning until we have a mechanism for dealing with conflicting
user URIs.
* Change WEB_DOMAIN comments to point to the extensive online documentation
8 years ago
abcang
2ceaa88ed0
fix DB_URL ( #2778 )
8 years ago
Eugen Rochko
0951a2f9f3
Clean up redis configuration. Allow using REDIS_URL to set advanced ( #2732 )
...
connection options instead of setting REDIS_HOST etc individually
Close #1986
8 years ago
Akihiko Odaki
40a06ce911
Allow to set CA file for SMTP ( #2713 )
8 years ago
evilny0
520dd00efd
Updated note about 'none' SMTP authentication method in .env.production.sample ( #2167 )
8 years ago
Yamagishi Kazutoshi
a3358f438f
Change to switch signature version for Amazon S3 ( #2124 )
8 years ago