closed-social
/
mastodon
3
0
Fork 2
Code Issues 5 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4908 Commits
4 Branches
567 MiB
Tree: 4e4f1b0dcb
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4e4f1b0dcb'
${ noResults }
mastodon/.env.production.sample

177 lines
6.1 KiB
Raw Normal View History

Adding e-mail configuration
8 years ago
Clean up redis configuration. Allow using REDIS_URL to set advanced (#2732) connection options instead of setting REDIS_HOST etc individually Close #1986
7 years ago
Document REDIS_NAMESPACE (#5038)
6 years ago
Adding a docker-compose template for running Mastodon easily
8 years ago
Fixing the docker container setup (with assets compilation &co)
8 years ago
fix DB_URL (#2778)
7 years ago
Fixing the docker container setup (with assets compilation &co)
8 years ago
Adding e-mail configuration
8 years ago
enforce LOCAL_HTTPS=true in production (#6061) * enforce https in production * note changes in production env sample * typo fix
6 years ago
Adds better documentation to LOCAL_DOMAIN and LOCAL_HTTPS (#3149) Fixes #2254
7 years ago
CAS + SAML authentication feature (#6425) * Cas authentication feature * Config * Remove class_eval + Omniauth initializer * Codeclimate review * Codeclimate review 2 * Codeclimate review 3 * Remove uid/email reconciliation * SAML authentication * Clean up code * Improve login form * Fix code style issues * Add locales
6 years ago
enforce LOCAL_HTTPS=true in production (#6061) * enforce https in production * note changes in production env sample * typo fix
6 years ago
Adding e-mail configuration
8 years ago
Allow running mastodon on a different domain as the one used for identifying users (#1267) * Allow running mastodon on a different domain as the one used for identifying users * Alter documentation of WEB_DOMAIN to make clear it shouldn't be used unless the admin knows what they are doing * Compare to web_domain instead of local_domain when dealing with feeds/API * Correctly identify mentions to local accounts Mentions URLs point to the person's web profile, i.e., the user page served on WEB_DOMAIN.
7 years ago
Add additional documentation and warnings to the WEB_DOMAIN setting. (#2386) * Add additional documentation and warnings to the WEB_DOMAIN setting. This feature is largely undocumented, and quite a number of users have shot them in the feet already despite the warning. Added a bit of documentation and expanded the warning until we have a mechanism for dealing with conflicting user URIs. * Change WEB_DOMAIN comments to point to the extensive online documentation
7 years ago
Allow running mastodon on a different domain as the one used for identifying users (#1267) * Allow running mastodon on a different domain as the one used for identifying users * Alter documentation of WEB_DOMAIN to make clear it shouldn't be used unless the admin knows what they are doing * Compare to web_domain instead of local_domain when dealing with feeds/API * Correctly identify mentions to local accounts Mentions URLs point to the person's web profile, i.e., the user page served on WEB_DOMAIN.
7 years ago
Allow alternate domains for mastodon handlers (#3187)
7 years ago
Adding e-mail configuration
8 years ago
comment correction (#4812)
6 years ago
Adding a docker-compose template for running Mastodon easily
8 years ago
Update sample .env
7 years ago
Adding e-mail configuration
8 years ago
Web Push Notifications (#3243) * feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
6 years ago
comment correction (#4812)
6 years ago
Web Push Notifications (#3243) * feat: Register push subscription * feat: Notify when mentioned * feat: Boost, favourite, reply, follow, follow request * feat: Notification interaction * feat: Handle change of public key * feat: Unsubscribe if things go wrong * feat: Do not send normal notifications if push is enabled * feat: Focus client if open * refactor: Move push logic to WebPushSubscription * feat: Better title and body * feat: Localize messages * chore: Fix lint errors * feat: Settings * refactor: Lazy load * fix: Check if push settings exist * feat: Device-based preferences * refactor: Simplify logic * refactor: Pull request feedback * refactor: Pull request feedback * refactor: Create /api/web/push_subscriptions endpoint * feat: Spec PushSubscriptionController * refactor: WebPushSubscription => Web::PushSubscription * feat: Spec Web::PushSubscription * feat: Display first media attachment * feat: Support direction * fix: Stuff broken while rebasing * refactor: Integration with session activations * refactor: Cleanup * refactor: Simplify implementation * feat: Set VAPID keys via environment * chore: Comments * fix: Crash when no alerts * fix: Set VAPID keys in testing environment * fix: Follow link * feat: Notification actions * fix: Delete previous subscription * chore: Temporary logs * refactor: Move migration to a later date * fix: Fetch the correct session activation and misc bugs * refactor: Move migration to a later date * fix: Remove follow request (no notifications) * feat: Send administrator contact to push service * feat: Set time-to-live * fix: Do not show sensitive images * fix: Reducer crash in error handling * feat: Add badge * chore: Fix lint error * fix: Checkbox label overlap * fix: Check for payload support * fix: Rename action "type" (crash in latest Chrome) * feat: Action to expand notification * fix: Lint errors * fix: Unescape notification body * fix: Do not allow boosting if the status is hidden * feat: Add VAPID keys to the production sample environment * fix: Strip HTML tags from status * refactor: Better error messages * refactor: Handle browser not implementing the VAPID protocol (Samsung Internet) * fix: Error when target_status is nil * fix: Handle lack of image * fix: Delete reference to invalid subscriptions * feat: Better error handling * fix: Unescape HTML characters after tags are striped * refactor: Simpify code * fix: Modify to work with #4091 * Sort strings alphabetically * i18n: Updated Polish translation it annoys me that it's not fully localized :P * refactor: Use current_session in PushSubscriptionController * fix: Rebase mistake * fix: Set cacheName to mastodon * refactor: Pull request feedback * refactor: Remove logging statements * chore(yarn): Fix conflicts with master * chore(yarn): Copy latest from master * chore(yarn): Readd offline-plugin * refactor: Use save! and update! * refactor: Send notifications async * fix: Allow retry when push fails * fix: Save track for failed pushes * fix: Minify sw.js * fix: Remove account_id from fabricator
6 years ago
Add single user mode
7 years ago
[#817] Add email whitelist This adds the ability to filter user signup with a whitelist instead of or in addition to a blacklist. Fixes #817
7 years ago
Add single user mode
7 years ago
Allow setting of default language through config Setting of locale in controller extracted to Localized concern, the doorkeeper authorized applications controller moved under custom namespace with inclusion of Localized, which resolves the "it sometimes appears in a different random language" bug
7 years ago
Adding e-mail configuration
8 years ago
Moved into a comment per feedback
7 years ago
Allow using an SMTP server without authentication (#1597) * Allow using an SMTP server without authentication (e.g Postfix relay on the same host) by setting SMTP_LOGIN and SMTP_AUTH_METHOD to 'none' * Add note in .env.production.sample about SMTP settings for servers where no auth is required * Assume that SMTP_LOGIN and SMTP_PASSWORD will be blank if we set SMTP_AUTH_METHOD to none
7 years ago
CAS + SAML authentication feature (#6425) * Cas authentication feature * Config * Remove class_eval + Omniauth initializer * Codeclimate review * Codeclimate review 2 * Codeclimate review 3 * Remove uid/email reconciliation * SAML authentication * Clean up code * Improve login form * Fix code style issues * Add locales
6 years ago
Improve example env file for local Postfix relay (#2892)
7 years ago
Adding e-mail configuration
8 years ago
Add documentation of SMTP_DOMAIN (#1738) Without setting it, exim will reject the mail with a message like: rejected EHLO from [10.20.0.1]: syntactically invalid argument(s): {}
7 years ago
smtp delivery type fix (#1556) * delivery fix # Conflicts: # config/environments/production.rb * added stub in .env file * reordered and added a comment
7 years ago
More SMTP customization (#1372) * Allow SMTP auth method customization * Add SMTP openssl_verify_mode option support Allows one use self-signed certs with their SMTP server. * Add SMTP enable_starttls_auto option support
7 years ago
Allow to set CA file for SMTP (#2713)
7 years ago
More SMTP customization (#1372) * Allow SMTP auth method customization * Add SMTP openssl_verify_mode option support Allows one use self-signed certs with their SMTP server. * Add SMTP enable_starttls_auto option support
7 years ago
Show SMTP_TLS in config sample (#4477)
6 years ago
Fix CDN_HOST variable requirement
7 years ago
Custom Paperclip path. (#778) * Custom Paperclip path. * Document PAPERCLIP_ROOT. * Add PAPERCLIP_ROOT_URL (and rename PAPERCLIP_ROOT to PAPERCLIP_ROOT_PATH).
7 years ago
Fix CDN_HOST variable requirement
7 years ago
added 'https://' to CDN_HOST variable example (#3446)
7 years ago
Upgrade Paperclip to 5, AWS-SDK to 2, do not generate medium/small versions of avatars
7 years ago
Add single user mode
7 years ago
:wrench: S3 protocol from ENV add support for reading S3 protocol from ENV also add S3_HOSTNAME in .env.production.sample
7 years ago
Add single user mode
7 years ago
Update Finnish translations, add sample Minio config (#954)
7 years ago
Change to switch signature version for Amazon S3 (#2124)
7 years ago
Update Finnish translations, add sample Minio config (#954)
7 years ago
Add environment sample for OpenStack Swift (#4816)
6 years ago
Add OpenStack Keystone V3 support (#4889) Keystone V2 is deprecated in favour of V3. This adds the necessary connection parameters for establishing a V3 connection. Connections to V2 endpoints are still possible and the configuration should remain compatible. This also introduces a SWIFT_REGION variable for multi-region OpenStack environments and a SWIFT_CACHE_TTL that controls how long tokens and other meta-data is cached for. Caching tokens avoids rate-limiting errors that would result in media uploads becoming unavailable during high load or when using tasks like media:remove_remote. fog-openstack only supports token caching for V3 endpoints, so a recommendation for using V3 was added.
6 years ago
Add environment sample for OpenStack Swift (#4816)
6 years ago
Add OpenStack Keystone V3 support (#4889) Keystone V2 is deprecated in favour of V3. This adds the necessary connection parameters for establishing a V3 connection. Connections to V2 endpoints are still possible and the configuration should remain compatible. This also introduces a SWIFT_REGION variable for multi-region OpenStack environments and a SWIFT_CACHE_TTL that controls how long tokens and other meta-data is cached for. Caching tokens avoids rate-limiting errors that would result in media uploads becoming unavailable during high load or when using tasks like media:remove_remote. fog-openstack only supports token caching for V3 endpoints, so a recommendation for using V3 was added.
6 years ago
Add environment sample for OpenStack Swift (#4816)
6 years ago
Add OpenStack Keystone V3 support (#4889) Keystone V2 is deprecated in favour of V3. This adds the necessary connection parameters for establishing a V3 connection. Connections to V2 endpoints are still possible and the configuration should remain compatible. This also introduces a SWIFT_REGION variable for multi-region OpenStack environments and a SWIFT_CACHE_TTL that controls how long tokens and other meta-data is cached for. Caching tokens avoids rate-limiting errors that would result in media uploads becoming unavailable during high load or when using tasks like media:remove_remote. fog-openstack only supports token caching for V3 endpoints, so a recommendation for using V3 was added.
6 years ago
Add environment sample for OpenStack Swift (#4816)
6 years ago
Add single user mode
7 years ago
Update sample .env
7 years ago
Make the streaming API also handle websockets (because trying to get the browser EventSource interface to work flawlessly was a nightmare). WARNING: This commit makes the web UI connect to the streaming API instead of ActionCable like before. This means that if you are upgrading, you should set that up beforehand.
7 years ago
Add env variable to disable prepared statements (#1293)
7 years ago
Improve streaming server with cluster (#1970)
7 years ago
Some Dockerfile improvements (#3182) - improve docker_entrypoint.sh - serve static files with puma by default - sort packages list - use virtual package for build deps - show how to assign UID/GID
7 years ago
CAS + SAML authentication feature (#6425) * Cas authentication feature * Config * Remove class_eval + Omniauth initializer * Codeclimate review * Codeclimate review 2 * Codeclimate review 3 * Remove uid/email reconciliation * SAML authentication * Clean up code * Improve login form * Fix code style issues * Add locales
6 years ago
 
  1. # Service dependencies
  2. # You may set REDIS_URL instead for more advanced options
  3. # You may also set REDIS_NAMESPACE to share Redis between multiple Mastodon servers
  4. REDIS_HOST=redis
  5. REDIS_PORT=6379
  6. # You may set DATABASE_URL instead for more advanced options
  7. DB_HOST=db
  8. DB_USER=postgres
  9. DB_NAME=postgres
  10. DB_PASS=
  11. DB_PORT=5432
  12. 

  13. # Federation
  14. # Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
  15. # LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
  16. LOCAL_DOMAIN=example.com
  17. 

  18. # Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
  19. 

  20. # Use this only if you need to run mastodon on a different domain than the one used for federation.
  21. # You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
  22. # DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING.
  23. # WEB_DOMAIN=mastodon.example.com
  24. 

  25. # Use this if you want to have several aliases handler@example1.com
  26. # handler@example2.com etc. for the same user. LOCAL_DOMAIN should not
  27. # be added. Comma separated values
  28. # ALTERNATE_DOMAINS=example1.com,example2.com
  29. 

  30. # Application secrets
  31. # Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
  32. PAPERCLIP_SECRET=
  33. SECRET_KEY_BASE=
  34. OTP_SECRET=
  35. 

  36. # VAPID keys (used for push notifications
  37. # You can generate the keys using the following command (first is the private key, second is the public one)
  38. # You should only generate this once per instance. If you later decide to change it, all push subscription will
  39. # be invalidated, requiring the users to access the website again to resubscribe.
  40. #
  41. # Generate with `RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key` task (`docker-compose run --rm web rake mastodon:webpush:generate_vapid_key` if you use docker compose)
  42. #
  43. # For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
  44. VAPID_PRIVATE_KEY=
  45. VAPID_PUBLIC_KEY=
  46. 

  47. # Registrations
  48. # Single user mode will disable registrations and redirect frontpage to the first profile
  49. # SINGLE_USER_MODE=true
  50. # Prevent registrations with following e-mail domains
  51. # EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc
  52. # Only allow registrations with the following e-mail domains
  53. # EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc
  54. 

  55. # Optionally change default language
  56. # DEFAULT_LOCALE=de
  57. 

  58. # E-mail configuration
  59. # Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
  60. # If you want to use an SMTP server without authentication (e.g local Postfix relay)
  61. # then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and
  62. # *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
  63. SMTP_SERVER=smtp.mailgun.org
  64. SMTP_PORT=587
  65. SMTP_LOGIN=
  66. SMTP_PASSWORD=
  67. SMTP_FROM_ADDRESS=notifications@example.com
  68. #SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
  69. #SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
  70. #SMTP_AUTH_METHOD=plain
  71. #SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
  72. #SMTP_OPENSSL_VERIFY_MODE=peer
  73. #SMTP_ENABLE_STARTTLS_AUTO=true
  74. #SMTP_TLS=true
  75. 

  76. # Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
  77. # PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
  78. # PAPERCLIP_ROOT_URL=/system
  79. 

  80. # Optional asset host for multi-server setups
  81. # CDN_HOST=https://assets.example.com
  82. 

  83. # S3 (optional)
  84. # S3_ENABLED=true
  85. # S3_BUCKET=
  86. # AWS_ACCESS_KEY_ID=
  87. # AWS_SECRET_ACCESS_KEY=
  88. # S3_REGION=
  89. # S3_PROTOCOL=http
  90. # S3_HOSTNAME=192.168.1.123:9000
  91. 

  92. # S3 (Minio Config (optional) Please check Minio instance for details)
  93. # S3_ENABLED=true
  94. # S3_BUCKET=
  95. # AWS_ACCESS_KEY_ID=
  96. # AWS_SECRET_ACCESS_KEY=
  97. # S3_REGION=
  98. # S3_PROTOCOL=https
  99. # S3_HOSTNAME=
  100. # S3_ENDPOINT=
  101. # S3_SIGNATURE_VERSION=
  102. 

  103. # Swift (optional)
  104. # SWIFT_ENABLED=true
  105. # SWIFT_USERNAME=
  106. # For Keystone V3, the value for SWIFT_TENANT should be the project name
  107. # SWIFT_TENANT=
  108. # SWIFT_PASSWORD=
  109. # Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
  110. # issues with token rate-limiting during high load.
  111. # SWIFT_AUTH_URL=
  112. # SWIFT_CONTAINER=
  113. # SWIFT_OBJECT_URL=
  114. # SWIFT_REGION=
  115. # Defaults to 'default'
  116. # SWIFT_DOMAIN_NAME=
  117. # Defaults to 60 seconds. Set to 0 to disable
  118. # SWIFT_CACHE_TTL=
  119. 

  120. # Optional alias for S3 if you want to use Cloudfront or Cloudflare in front
  121. # S3_CLOUDFRONT_HOST=
  122. 

  123. # Streaming API integration
  124. # STREAMING_API_BASE_URL=
  125. 

  126. # Advanced settings
  127. # If you need to use pgBouncer, you need to disable prepared statements:
  128. # PREPARED_STATEMENTS=false
  129. 

  130. # Cluster number setting for streaming API server.
  131. # If you comment out following line, cluster number will be `numOfCpuCores - 1`.
  132. STREAMING_CLUSTER_NUM=1
  133. 

  134. # Docker mastodon user
  135. # If you use Docker, you may want to assign UID/GID manually.
  136. # UID=1000
  137. # GID=1000
  138. 

  139. # Optional CAS authentication (cf. omniauth-cas) :
  140. # CAS_ENABLED=true
  141. # CAS_URL=https://sso.myserver.com/
  142. # CAS_HOST=sso.myserver.com/
  143. # CAS_PORT=443
  144. # CAS_SSL=true
  145. # CAS_VALIDATE_URL=
  146. # CAS_CALLBACK_URL=
  147. # CAS_LOGOUT_URL=
  148. # CAS_LOGIN_URL=
  149. # CAS_UID_FIELD='user'
  150. # CAS_CA_PATH=
  151. # CAS_DISABLE_SSL_VERIFICATION=false
  152. # CAS_UID_KEY='user'
  153. # CAS_NAME_KEY='name'
  154. # CAS_EMAIL_KEY='email'
  155. # CAS_NICKNAME_KEY='nickname'
  156. # CAS_FIRST_NAME_KEY='firstname'
  157. # CAS_LAST_NAME_KEY='lastname'
  158. # CAS_LOCATION_KEY='location'
  159. # CAS_IMAGE_KEY='image'
  160. # CAS_PHONE_KEY='phone'
  161. 

  162. # Optional SAML authentication (cf. omniauth-saml)
  163. # SAML_ENABLED=true
  164. # SAML_ACS_URL=
  165. # SAML_ISSUER=http://localhost:3000/auth/auth/saml/metadata
  166. # SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
  167. # SAML_IDP_CERT=
  168. # SAML_IDP_CERT_FINGERPRINT=
  169. # SAML_NAME_IDENTIFIER_FORMAT=
  170. # SAML_CERT=
  171. # SAML_PRIVATE_KEY=
  172. # SAML_SECURITY_WANT_ASSERTION_SIGNED=true
  173. # SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
  174. # SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
  175. # SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
  176. # SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.5.4.42"
  177. # SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"