about summary refs log tree commit diff
path: root/.env.production.sample
AgeCommit message (Collapse)Author
2021-11-26Fix ElasticSearch to Elasticsearch (#17050)Takeshi Umeda
2021-10-25Fix mastodon:setup to take dotenv/docker-compose differences into account ↵Claire
(#16896) In order to work around https://github.com/mastodon/mastodon/issues/16895, add a warning to .env.production.sample, and change the mastodon:setup rake task to: - output a warning if a variable will be interpreted differently by dotenv and docker-compose - ensure the printed config is compatible with docker-compose
2021-10-24Support authentication for ElasticSearch (#16890)Jeong Arm
* Support authentication for ElasticSearch * Fix chewy auth settings
2020-07-12Fix the wrong full documentation link (#14293)夕日
2020-07-03Add back a cleaner and leaner .env.production.sample (#14206)Eugen Rochko
2020-06-27Remove the terms blacklist and whitelist from UX (#14149)Eugen Rochko
Localization strings: - "Whitelist mode" -> "Limited federation mode" - "Blacklist e-mail domain" -> "Block e-mail domain" - "Whitelist domain" -> "Allow domain for federation" ...And so on Environment variables (backwards-compatible): - `WHITELIST_MODE` -> `LIMITED_FEDERATION_MODE` - `EMAIL_DOMAIN_BLACKLIST` -> `EMAIL_DOMAIN_DENYLIST` - `EMAIL_DOMAIN_WHITELIST` -> `EMAIL_DOMAIN_ALLOWLIST` tootctl: - `tootctl domains purge --whitelist-mode` -> `tootctl domains purge --limited-federation-mode` Removed badly maintained and no longer relevant .env.production.sample file
2020-05-10Updated docker-compose snippet to a working one (#13196)Denis Teyssier
added 'bundle exec' before rake
2020-01-23Document AUTHORIZED_FETCH mode and WHITELIST_MODE (#12856)ThibG
* Document AUTHORIZED_FETCH mode and WHITELIST_MODE * Replace extended description with a link to the online docs
2019-12-23Fix sample SAML_ACS_URL, SAML_ISSUER (#12669)Aries
2019-12-01:sparkles: Add an LDAP Mail attribute config (#12053)Mathieu Brunot
Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2019-12-01:sparkles: Convert LDAP username (#12461)Mathieu Brunot
* :sparkles: Convert LDAP username #12021 Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io> * :bug: Fix conversion var use Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io> * :bug: Fix LDAP uid conversion test Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io> * :ok_hand: Remove comments with ref to PR Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io> * :ok_hand: Remove unnecessary paranthesis Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io> * :wrench: Move space in conversion string Signed-off-by: mathieu.brunot <mathieu.brunot@monogramm.io>
2019-10-01Remove quotes in `LDAP_SEARCH_FILTER` example (#12019)Mathieu Brunot
2019-09-23Add config of multipart threshold for S3 (#11924)Yamagishi Kazutoshi
2019-09-02Add SMTP reply_to option (#11718)Hugo Gameiro
* Add SMTP_REPLY_TO in .env.production.sample * Set reply_to in SMTP options
2019-05-09Add ES_PREFIX in .env.production.sample (#10087)Stanislas
2018-08-25Rename S3_CLOUDFRONT_HOST to S3_ALIAS_HOST. (#8423)M Somerville
Still check for S3_CLOUDFRONT_HOST for existing installs.
2018-08-15Add ldap search filter (#8151)Immae
2018-06-29Merge `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into ↵MIYAGI Hikaru
`ALLOW_ACCESS_TO_HIDDEN_SERVICE` (#7901) If Mastodon accesses to the hidden service via transparent proxy, it's needed to avoid checking whether it's a private address, since `.onion` is resolved to a private address. I was previously using the `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` to provide that function. However, I realized that using `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` is redundant, since this specification is always used with `ALLOW_ACCESS_TO_HIDDEN_SERVICE`. Therefore, I decided to integrate the setting of `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into` ALLOW_ACCESS_TO_HIDDEN_SERVICE`.
2018-05-29Cache attachments on external host with service worker (#7493)Akihiko Odaki
2018-05-07Improve OpenStack v3 compatibility (#7392)Hugo Gameiro
* Update paperclip.rb * Update .env.production.sample * Update paperclip.rb
2018-04-25HTTP proxy support for outgoing request, manage access to hidden service (#7134)MIYAGI Hikaru
* Add support for HTTP client proxy * Add access control for darknet Supress error when access to darknet via transparent proxy * Fix the codes pointed out * Lint * Fix an omission + lint * any? -> include? * Change detection method to regexp to avoid test fail
2018-03-28Document CORS requirement for asset host (#6941)Akihiko Odaki
2018-03-19rename pam email environment variable to something more understandable and ↵Alexander
default to LOCAL_DOMAIN (better fallback) (#6833)
2018-03-09Adjust suggested ES host in .env sample for docker-compose config (#6710)Eugen Rochko
2018-03-07Add additional first_name and last_name SAML attribute statement options, ↵Effy Elden
and modify Omniauthable concern to use full_name or first_name + last_name if not available (#6669)
2018-03-02fix logic for pam_controlled_service (#6599)Alexander
2018-03-02Add LDAP options to .env.production.sample (#6592)Eugen Rochko
2018-02-26Ensure the app does not even start if OTP_SECRET is not set (#6557)Eugen Rochko
* Ensure the app does not even start if OTP_SECRET is not set * Remove PAPERCLIP_SECRET (it's not used by anything, actually) Imports are for internal consumption and the url option isn't even used correctly, so we can remove the hash stuff from them
2018-02-26Fix #6536 (#6558)Eugen Rochko
2018-02-23New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML ↵Ghislain Loaec
strategies) (#6540)
2018-02-22Update pam documentation (#6518)Alexander
* document pam email extraction * remove superfluous newline
2018-02-22New env variable: SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED + fixes #6533 (#6538)Ghislain Loaec
2018-02-09Full-text search for authorized statuses (#6423)Eugen Rochko
* Add full-text search for authorized statuses - Search API will return statuses that match the query - Only for logged in users - Only if you are author of the status, - Or you were mentioned in it - Or you favourited or reblogged it - Configuration over `ES_ENABLED`, `ES_HOST`, `ES_PORT`, `ES_PREFIX` - Run `rails chewy:deploy` to create & populate index Fix #5880 Fix #4293 Fix #1152 * Add commented out docker-compose configuration for ES container * Optimize index import, filter search results * Add basic normalization to the index * Add better stemming and normalization to the index * Skip webfinger request if search query includes both @ and a space * Fix code style * Visually separate search result sections * Fix code style issues
2018-02-04Make PAM gem optional, allow configuration over environment (#6415)Eugen Rochko
2018-02-04CAS + SAML authentication feature (#6425)Eugen Rochko
* Cas authentication feature * Config * Remove class_eval + Omniauth initializer * Codeclimate review * Codeclimate review 2 * Codeclimate review 3 * Remove uid/email reconciliation * SAML authentication * Clean up code * Improve login form * Fix code style issues * Add locales
2017-12-22enforce LOCAL_HTTPS=true in production (#6061)nightpool
* enforce https in production * note changes in production env sample * typo fix
2017-09-22Document REDIS_NAMESPACE (#5038)Nolan Lawson
2017-09-11Add OpenStack Keystone V3 support (#4889)Patrick Figel
Keystone V2 is deprecated in favour of V3. This adds the necessary connection parameters for establishing a V3 connection. Connections to V2 endpoints are still possible and the configuration should remain compatible. This also introduces a SWIFT_REGION variable for multi-region OpenStack environments and a SWIFT_CACHE_TTL that controls how long tokens and other meta-data is cached for. Caching tokens avoids rate-limiting errors that would result in media uploads becoming unavailable during high load or when using tasks like media:remove_remote. fog-openstack only supports token caching for V3 endpoints, so a recommendation for using V3 was added.
2017-09-06Add environment sample for OpenStack Swift (#4816)Yamagishi Kazutoshi
2017-09-05comment correction (#4812)Treyssat-Vincent Nino
2017-08-01Show SMTP_TLS in config sample (#4477)ScienJus
2017-07-14Add Rake task for generate VAPID key (#4195)Yamagishi Kazutoshi
* Add Rake task for generate VAPID key * edit config/initializers/vapid.rb
2017-07-13Web Push Notifications (#3243)Sorin Davidoi
* feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
2017-05-30added 'https://' to CDN_HOST variable example (#3446)Chris
2017-05-22Allow alternate domains for mastodon handlers (#3187)Immae
2017-05-20Some Dockerfile improvements (#3182)Wonderfall
- improve docker_entrypoint.sh - serve static files with puma by default - sort packages list - use virtual package for build deps - show how to assign UID/GID
2017-05-19Adds better documentation to LOCAL_DOMAIN and LOCAL_HTTPS (#3149)Audun Larsen
Fixes #2254
2017-05-08Improve example env file for local Postfix relay (#2892)Jarek Lipski
2017-05-05Add additional documentation and warnings to the WEB_DOMAIN setting. (#2386)ThibG
* Add additional documentation and warnings to the WEB_DOMAIN setting. This feature is largely undocumented, and quite a number of users have shot them in the feet already despite the warning. Added a bit of documentation and expanded the warning until we have a mechanism for dealing with conflicting user URIs. * Change WEB_DOMAIN comments to point to the extensive online documentation
2017-05-04fix DB_URL (#2778)abcang