3d7ce178dd
Use allow/deny-list instead of white/black-list in .env.production.sample
...
.env.production.sample has been nuked upstream, but we decided to keep it,
so change it to reflect latest changes in environment variable names.
(The link still refers to “whitelist_mode” because the documentation hasn't
been updated yet)
4 years ago
8c04e37b03
Remove the terms blacklist and whitelist from UX ( #14149 )
...
Localization strings:
- "Whitelist mode" -> "Limited federation mode"
- "Blacklist e-mail domain" -> "Block e-mail domain"
- "Whitelist domain" -> "Allow domain for federation"
...And so on
Environment variables (backwards-compatible):
- `WHITELIST_MODE` -> `LIMITED_FEDERATION_MODE`
- `EMAIL_DOMAIN_BLACKLIST` -> `EMAIL_DOMAIN_DENYLIST`
- `EMAIL_DOMAIN_WHITELIST` -> `EMAIL_DOMAIN_ALLOWLIST`
tootctl:
- `tootctl domains purge --whitelist-mode` -> `tootctl domains purge --limited-federation-mode`
Removed badly maintained and no longer relevant .env.production.sample file
4 years ago
73f3842284
Updated docker-compose snippet to a working one ( #13196 )
...
added 'bundle exec' before rake
5 years ago
ccaefd139d
Add environment variable to specify extra data hosts
...
Fixes #1276
5 years ago
27f9aa3477
Document AUTHORIZED_FETCH mode and WHITELIST_MODE ( #12856 )
...
* Document AUTHORIZED_FETCH mode and WHITELIST_MODE
* Replace extended description with a link to the online docs
5 years ago
44f88a334b
Fix sample SAML_ACS_URL, SAML_ISSUER ( #12669 )
5 years ago
bd8dc9bd0c
✨ Add an LDAP Mail attribute config ( #12053 )
...
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
5 years ago
d70268f099
✨ Convert LDAP username ( #12461 )
...
* ✨ Convert LDAP username #12021
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
* 🐛 Fix conversion var use
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
* 🐛 Fix LDAP uid conversion test
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
* 👌 Remove comments with ref to PR
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
* 👌 Remove unnecessary paranthesis
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
* 🔧 Move space in conversion string
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
5 years ago
b85fb6b5e7
Remove quotes in `LDAP_SEARCH_FILTER` example ( #12019 )
5 years ago
172eaeba3f
Add config of multipart threshold for S3 ( #11924 )
5 years ago
5466b39c78
Add SMTP reply_to option ( #11718 )
...
* Add SMTP_REPLY_TO in .env.production.sample
* Set reply_to in SMTP options
5 years ago
19c3a941e8
Added max search results var to sample env
...
Added and documented MAX_SEARCH_RESULTS to the .env.production.sample file
5 years ago
81bf43cfdd
Change .env.production.sample to specify that MAX_VIDEO_SIZE also applies to audio files
5 years ago
1d5434d34c
Add audio length var to env sample
...
Added MAX_AUDIO_LENGTH var and documented in .env.production.sample
6 years ago
35c4ff07f4
Added various vars to env sample
...
Added several vars that are already implemented to the .env.production.sample file.
-Max bio character limit
-Number of profile fields allowed
-Max display name character limit
6 years ago
da7bcf29d4
Fixed the very wrong byte to megabyte conversion
6 years ago
a7b4e7efdd
Correctly documented max image and video vars
...
Added MAX_IMAGE_SIZE and MAX_VIDEO_SIZE and documented their usage.
6 years ago
a3c7dd92f3
Add ES_PREFIX in .env.production.sample ( #10087 )
6 years ago
5616200ed4
added documentation into .env.production.sample
...
moved max pin count into constant
6 years ago
2bba6e582d
Rename S3_CLOUDFRONT_HOST to S3_ALIAS_HOST. ( #8423 )
...
Still check for S3_CLOUDFRONT_HOST for existing installs.
6 years ago
b0f4fe456b
Add ldap search filter ( #8151 )
6 years ago
ddd0bb69e1
Merge `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into `ALLOW_ACCESS_TO_HIDDEN_SERVICE` ( #7901 )
...
If Mastodon accesses to the hidden service via transparent proxy, it's needed to avoid checking whether it's a private address, since `.onion` is resolved to a private address.
I was previously using the `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` to provide that function. However, I realized that using `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` is redundant, since this specification is always used with `ALLOW_ACCESS_TO_HIDDEN_SERVICE`. Therefore, I decided to integrate the setting of `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into` ALLOW_ACCESS_TO_HIDDEN_SERVICE`.
6 years ago
d95642f6d9
Cache attachments on external host with service worker ( #7493 )
7 years ago
ea4e243303
Improve OpenStack v3 compatibility ( #7392 )
...
* Update paperclip.rb
* Update .env.production.sample
* Update paperclip.rb
7 years ago
f58dcbc981
HTTP proxy support for outgoing request, manage access to hidden service ( #7134 )
...
* Add support for HTTP client proxy
* Add access control for darknet
Supress error when access to darknet via transparent proxy
* Fix the codes pointed out
* Lint
* Fix an omission + lint
* any? -> include?
* Change detection method to regexp to avoid test fail
7 years ago
4f9136d2d5
Document CORS requirement for asset host ( #6941 )
7 years ago
33ee347c99
rename pam email environment variable to something more understandable and default to LOCAL_DOMAIN (better fallback) ( #6833 )
7 years ago
675b8fea53
Adjust suggested ES host in .env sample for docker-compose config ( #6710 )
7 years ago
dd9d00d293
Add additional first_name and last_name SAML attribute statement options, and modify Omniauthable concern to use full_name or first_name + last_name if not available ( #6669 )
7 years ago
42fe05dea1
fix logic for pam_controlled_service ( #6599 )
7 years ago
b4f8e87358
Add LDAP options to .env.production.sample ( #6592 )
7 years ago
5cc716688a
Ensure the app does not even start if OTP_SECRET is not set ( #6557 )
...
* Ensure the app does not even start if OTP_SECRET is not set
* Remove PAPERCLIP_SECRET (it's not used by anything, actually)
Imports are for internal consumption and the url option isn't even
used correctly, so we can remove the hash stuff from them
7 years ago
f0a1b1a152
Fix #6536 ( #6558 )
7 years ago
e668180044
New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML strategies) ( #6540 )
7 years ago
8fa924e372
Update pam documentation ( #6518 )
...
* document pam email extraction
* remove superfluous newline
7 years ago
3084fe4959
New env variable: SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED + fixes #6533 ( #6538 )
7 years ago
3ebc0ad4d3
Full-text search for authorized statuses ( #6423 )
...
* Add full-text search for authorized statuses
- Search API will return statuses that match the query
- Only for logged in users
- Only if you are author of the status,
- Or you were mentioned in it
- Or you favourited or reblogged it
- Configuration over `ES_ENABLED`, `ES_HOST`, `ES_PORT`, `ES_PREFIX`
- Run `rails chewy:deploy` to create & populate index
Fix #5880
Fix #4293
Fix #1152
* Add commented out docker-compose configuration for ES container
* Optimize index import, filter search results
* Add basic normalization to the index
* Add better stemming and normalization to the index
* Skip webfinger request if search query includes both @ and a space
* Fix code style
* Visually separate search result sections
* Fix code style issues
7 years ago
38e0133e1b
Make PAM gem optional, allow configuration over environment ( #6415 )
7 years ago
26f21fd5a0
CAS + SAML authentication feature ( #6425 )
...
* Cas authentication feature
* Config
* Remove class_eval + Omniauth initializer
* Codeclimate review
* Codeclimate review 2
* Codeclimate review 3
* Remove uid/email reconciliation
* SAML authentication
* Clean up code
* Improve login form
* Fix code style issues
* Add locales
7 years ago
9592b5e31e
enforce LOCAL_HTTPS=true in production ( #6061 )
...
* enforce https in production
* note changes in production env sample
* typo fix
7 years ago
ca5440b93d
Rename MAX_CHARS to MAX_TOOT_CHARS to be more specific.
7 years ago
6cd192b9fb
Make character limit configurable.
7 years ago
d4f80824f7
Document REDIS_NAMESPACE ( #5038 )
7 years ago
3018043fc2
Add OpenStack Keystone V3 support ( #4889 )
...
Keystone V2 is deprecated in favour of V3. This adds the necessary
connection parameters for establishing a V3 connection. Connections
to V2 endpoints are still possible and the configuration should
remain compatible.
This also introduces a SWIFT_REGION variable for multi-region
OpenStack environments and a SWIFT_CACHE_TTL that controls how long
tokens and other meta-data is cached for. Caching tokens avoids
rate-limiting errors that would result in media uploads becoming
unavailable during high load or when using tasks like
media:remove_remote. fog-openstack only supports token caching for
V3 endpoints, so a recommendation for using V3 was added.
7 years ago
fa21d004c7
Add environment sample for OpenStack Swift ( #4816 )
7 years ago
aefb4719bc
comment correction ( #4812 )
7 years ago
c3e355388a
Show SMTP_TLS in config sample ( #4477 )
7 years ago
0fa9dd8527
Add Rake task for generate VAPID key ( #4195 )
...
* Add Rake task for generate VAPID key
* edit config/initializers/vapid.rb
7 years ago
0c7c188c45
Web Push Notifications ( #3243 )
...
* feat: Register push subscription
* feat: Notify when mentioned
* feat: Boost, favourite, reply, follow, follow request
* feat: Notification interaction
* feat: Handle change of public key
* feat: Unsubscribe if things go wrong
* feat: Do not send normal notifications if push is enabled
* feat: Focus client if open
* refactor: Move push logic to WebPushSubscription
* feat: Better title and body
* feat: Localize messages
* chore: Fix lint errors
* feat: Settings
* refactor: Lazy load
* fix: Check if push settings exist
* feat: Device-based preferences
* refactor: Simplify logic
* refactor: Pull request feedback
* refactor: Pull request feedback
* refactor: Create /api/web/push_subscriptions endpoint
* feat: Spec PushSubscriptionController
* refactor: WebPushSubscription => Web::PushSubscription
* feat: Spec Web::PushSubscription
* feat: Display first media attachment
* feat: Support direction
* fix: Stuff broken while rebasing
* refactor: Integration with session activations
* refactor: Cleanup
* refactor: Simplify implementation
* feat: Set VAPID keys via environment
* chore: Comments
* fix: Crash when no alerts
* fix: Set VAPID keys in testing environment
* fix: Follow link
* feat: Notification actions
* fix: Delete previous subscription
* chore: Temporary logs
* refactor: Move migration to a later date
* fix: Fetch the correct session activation and misc bugs
* refactor: Move migration to a later date
* fix: Remove follow request (no notifications)
* feat: Send administrator contact to push service
* feat: Set time-to-live
* fix: Do not show sensitive images
* fix: Reducer crash in error handling
* feat: Add badge
* chore: Fix lint error
* fix: Checkbox label overlap
* fix: Check for payload support
* fix: Rename action "type" (crash in latest Chrome)
* feat: Action to expand notification
* fix: Lint errors
* fix: Unescape notification body
* fix: Do not allow boosting if the status is hidden
* feat: Add VAPID keys to the production sample environment
* fix: Strip HTML tags from status
* refactor: Better error messages
* refactor: Handle browser not implementing the VAPID protocol (Samsung Internet)
* fix: Error when target_status is nil
* fix: Handle lack of image
* fix: Delete reference to invalid subscriptions
* feat: Better error handling
* fix: Unescape HTML characters after tags are striped
* refactor: Simpify code
* fix: Modify to work with #4091
* Sort strings alphabetically
* i18n: Updated Polish translation
it annoys me that it's not fully localized :P
* refactor: Use current_session in PushSubscriptionController
* fix: Rebase mistake
* fix: Set cacheName to mastodon
* refactor: Pull request feedback
* refactor: Remove logging statements
* chore(yarn): Fix conflicts with master
* chore(yarn): Copy latest from master
* chore(yarn): Readd offline-plugin
* refactor: Use save! and update!
* refactor: Send notifications async
* fix: Allow retry when push fails
* fix: Save track for failed pushes
* fix: Minify sw.js
* fix: Remove account_id from fabricator
7 years ago
23081bb299
added 'https://' to CDN_HOST variable example ( #3446 )
8 years ago
Thibaut Girka