diff options
Diffstat (limited to 'config')
-rw-r--r-- | config/initializers/devise.rb | 14 | ||||
-rw-r--r-- | config/initializers/doorkeeper.rb | 16 | ||||
-rw-r--r-- | config/initializers/paperclip.rb | 2 | ||||
-rw-r--r-- | config/locales/en.yml | 8 | ||||
-rw-r--r-- | config/locales/simple_form.en.yml | 16 | ||||
-rw-r--r-- | config/pghero.yml | 41 |
6 files changed, 85 insertions, 12 deletions
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index fd9a5a8b9..59e69ad37 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -53,6 +53,8 @@ module Devise @@ldap_base = nil mattr_accessor :ldap_uid @@ldap_uid = nil + mattr_accessor :ldap_mail + @@ldap_mail = nil mattr_accessor :ldap_bind_dn @@ldap_bind_dn = nil mattr_accessor :ldap_password @@ -61,6 +63,12 @@ module Devise @@ldap_tls_no_verify = false mattr_accessor :ldap_search_filter @@ldap_search_filter = nil + mattr_accessor :ldap_uid_conversion_enabled + @@ldap_uid_conversion_enabled = false + mattr_accessor :ldap_uid_conversion_search + @@ldap_uid_conversion_search = nil + mattr_accessor :ldap_uid_conversion_replace + @@ldap_uid_conversion_replace = nil class Strategies::PamAuthenticatable def valid? @@ -363,7 +371,11 @@ Devise.setup do |config| config.ldap_bind_dn = ENV.fetch('LDAP_BIND_DN') config.ldap_password = ENV.fetch('LDAP_PASSWORD') config.ldap_uid = ENV.fetch('LDAP_UID', 'cn') + config.ldap_mail = ENV.fetch('LDAP_MAIL', 'mail') config.ldap_tls_no_verify = ENV['LDAP_TLS_NO_VERIFY'] == 'true' - config.ldap_search_filter = ENV.fetch('LDAP_SEARCH_FILTER', '%{uid}=%{email}') + config.ldap_search_filter = ENV.fetch('LDAP_SEARCH_FILTER', '(|(%{uid}=%{email})(%{mail}=%{email}))') + config.ldap_uid_conversion_enabled = ENV['LDAP_UID_CONVERSION_ENABLED'] == 'true' + config.ldap_uid_conversion_search = ENV.fetch('LDAP_UID_CONVERSION_SEARCH', '.,- ') + config.ldap_uid_conversion_replace = ENV.fetch('LDAP_UID_CONVERSION_REPLACE', '_') end end diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index a5c9caa4a..7784bec62 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -8,8 +8,20 @@ Doorkeeper.configure do end resource_owner_from_credentials do |_routes| - user = User.find_by(email: request.params[:username]) - user if !user&.otp_required_for_login? && user&.valid_password?(request.params[:password]) + if Devise.ldap_authentication + user = User.authenticate_with_ldap({ :email => request.params[:username], :password => request.params[:password] }) + end + + if Devise.pam_authentication + user ||= User.authenticate_with_ldap({ :email => request.params[:username], :password => request.params[:password] }) + end + + if user.nil? + user = User.find_by(email: request.params[:username]) + user = nil unless user.valid_password?(request.params[:password]) + end + + user if !user&.otp_required_for_login? end # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below. diff --git a/config/initializers/paperclip.rb b/config/initializers/paperclip.rb index d3602e655..96607b7ce 100644 --- a/config/initializers/paperclip.rb +++ b/config/initializers/paperclip.rb @@ -42,7 +42,7 @@ if ENV['S3_ENABLED'] == 'true' s3_options: { signature_version: ENV.fetch('S3_SIGNATURE_VERSION') { 'v4' }, - http_open_timeout: 5, + http_open_timeout: ENV.fetch('S3_OPEN_TIMEOUT'){ '5' }.to_i, http_read_timeout: 5, http_idle_timeout: 5, retry_limit: 0, diff --git a/config/locales/en.yml b/config/locales/en.yml index f672590bf..c505896e7 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -78,6 +78,7 @@ en: roles: admin: Admin bot: Bot + group: Group moderator: Mod unavailable: Profile unavailable unfollow: Unfollow @@ -406,6 +407,7 @@ en: are_you_sure: Are you sure? assign_to_self: Assign to me assigned: Assigned moderator + by_target_domain: Domain of reported account comment: none: None created_at: Reported @@ -900,6 +902,10 @@ en: body: 'Your status was boosted by %{name}:' subject: "%{name} boosted your status" title: New boost + notifications: + email_events: Events for e-mail notifications + email_events_hint: 'Select events that you want to receive notifications for:' + other_settings: Other notifications settings number: human: decimal_units: @@ -934,6 +940,8 @@ en: relationships: activity: Account activity dormant: Dormant + followers: Followers + following: Following last_active: Last active most_recent: Most recent moved: Moved diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml index 776ac6e1b..b54e0ff2b 100644 --- a/config/locales/simple_form.en.yml +++ b/config/locales/simple_form.en.yml @@ -163,14 +163,14 @@ en: text: Why do you want to join? notification_emails: digest: Send digest e-mails - favourite: Send e-mail when someone favourites your status - follow: Send e-mail when someone follows you - follow_request: Send e-mail when someone requests to follow you - mention: Send e-mail when someone mentions you - pending_account: Send e-mail when a new account needs review - reblog: Send e-mail when someone boosts your status - report: Send e-mail when a new report is submitted - trending_tag: Send e-mail when an unreviewed hashtag is trending + favourite: Someone favourited your status + follow: Someone followed you + follow_request: Someone requested to follow you + mention: Someone mentioned you + pending_account: New account needs review + reblog: Someone boosted your status + report: New report is submitted + trending_tag: An unreviewed hashtag is trending tag: listable: Allow this hashtag to appear in searches and on the profile directory name: Hashtag diff --git a/config/pghero.yml b/config/pghero.yml new file mode 100644 index 000000000..244245d0d --- /dev/null +++ b/config/pghero.yml @@ -0,0 +1,41 @@ +databases: + primary: + # Database URL (defaults to app database) + # url: <%= ENV["DATABASE_URL"] %> + + # Add more databases + # other: + # url: <%= ENV["OTHER_DATABASE_URL"] %> + +# Minimum time for long running queries +# long_running_query_sec: 60 + +# Minimum average time for slow queries +# slow_query_ms: 20 + +# Minimum calls for slow queries +# slow_query_calls: 100 + +# Minimum connections for high connections warning +# total_connections_threshold: 500 + +# Statement timeout for explain +# explain_timeout_sec: 10 + +# Time zone (defaults to app time zone) +# time_zone: "Pacific Time (US & Canada)" + +# Basic authentication +# username: admin +# password: secret + +# Stats database URL (defaults to app database) +# stats_database_url: <%= ENV["PGHERO_STATS_DATABASE_URL"] %> + +# AWS configuration (defaults to app AWS config) +# also need aws_db_instance_identifier with each database +# aws_access_key_id: ... +# aws_secret_access_key: ... +# aws_region: us-east-1 + +override_csp: true |