about summary refs log tree commit diff
path: root/config/environments
diff options
context:
space:
mode:
Diffstat (limited to 'config/environments')
-rw-r--r--config/environments/development.rb2
-rw-r--r--config/environments/production.rb10
-rw-r--r--config/environments/test.rb3
3 files changed, 9 insertions, 6 deletions
diff --git a/config/environments/development.rb b/config/environments/development.rb
index d76361c60..de8762ff7 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -81,7 +81,7 @@ Rails.application.configure do
     Bullet.bullet_logger = true
     Bullet.rails_logger  = false
 
-    Bullet.add_whitelist type: :n_plus_one_query, class_name: 'User', association: :account
+    Bullet.add_safelist type: :n_plus_one_query, class_name: 'User', association: :account
   end
 
   config.x.otp_secret = ENV.fetch('OTP_SECRET', '1fc2b87989afa6351912abeebe31ffc5c476ead9bf8b3d74cbc4a302c7b69a45b40b1bbef3506ddad73e942e15ed5ca4b402bf9a66423626051104f4b5f05109')
diff --git a/config/environments/production.rb b/config/environments/production.rb
index f2cffe919..1d9063cd6 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -101,11 +101,11 @@ Rails.application.configure do
     :password             => ENV['SMTP_PASSWORD'].presence,
     :domain               => ENV['SMTP_DOMAIN'] || ENV['LOCAL_DOMAIN'],
     :authentication       => ENV['SMTP_AUTH_METHOD'] == 'none' ? nil : ENV['SMTP_AUTH_METHOD'] || :plain,
-    :ca_file              => ENV['SMTP_CA_FILE'].presence,
+    :ca_file              => ENV['SMTP_CA_FILE'].presence || '/etc/ssl/certs/ca-certificates.crt',
     :openssl_verify_mode  => ENV['SMTP_OPENSSL_VERIFY_MODE'],
-    :enable_starttls_auto => ENV['SMTP_ENABLE_STARTTLS_AUTO'] || true,
-    :tls                  => ENV['SMTP_TLS'].presence,
-    :ssl                  => ENV['SMTP_SSL'].presence,
+    :enable_starttls_auto => ENV['SMTP_ENABLE_STARTTLS_AUTO'] != 'false',
+    :tls                  => ENV['SMTP_TLS'].presence && ENV['SMTP_TLS'] == 'true',
+    :ssl                  => ENV['SMTP_SSL'].presence && ENV['SMTP_SSL'] == 'true',
   }
 
   config.action_mailer.delivery_method = ENV.fetch('SMTP_DELIVERY_METHOD', 'smtp').to_sym
@@ -114,7 +114,7 @@ Rails.application.configure do
     'Server'                  => 'Mastodon',
     'X-Frame-Options'         => 'DENY',
     'X-Content-Type-Options'  => 'nosniff',
-    'X-XSS-Protection'        => '1; mode=block',
+    'X-XSS-Protection'        => '0',
     'Permissions-Policy'      => 'interest-cohort=()',
     'Referrer-Policy'         => 'same-origin',
     'Strict-Transport-Security' => 'max-age=63072000; includeSubDomains; preload',
diff --git a/config/environments/test.rb b/config/environments/test.rb
index a35cadcfa..ef3cb2e48 100644
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -70,3 +70,6 @@ if ENV['PAM_ENABLED'] == 'true'
       env: { email: 'pam@example.com' }
     }
 end
+
+# Catch serialization warnings early
+Sidekiq.strict_args!