diff options
author | Lauri Ojansivu <x@xet7.org> | 2019-06-11 17:48:08 +0300 |
---|---|---|
committer | Lauri Ojansivu <x@xet7.org> | 2019-06-11 17:48:08 +0300 |
commit | f154c0338572fa09b3134d177c76e534c5947ed4 (patch) | |
tree | 524ea7c9396d54a93c9aeab989ac3bc86b018cc0 /snap-src | |
parent | 526e10865ff0c2c4465ead8ae14328ebf0d40257 (diff) | |
parent | e1e20275a673d3065c6cf239db8d2f1a505baa69 (diff) | |
download | wekan-f154c0338572fa09b3134d177c76e534c5947ed4.tar.gz wekan-f154c0338572fa09b3134d177c76e534c5947ed4.tar.bz2 wekan-f154c0338572fa09b3134d177c76e534c5947ed4.zip |
Merge branch 'edge' into meteor-1.8
Diffstat (limited to 'snap-src')
-rwxr-xr-x | snap-src/bin/config | 14 | ||||
-rwxr-xr-x | snap-src/bin/wekan-help | 12 |
2 files changed, 22 insertions, 4 deletions
diff --git a/snap-src/bin/config b/snap-src/bin/config index b950c9e5..6d86339b 100755 --- a/snap-src/bin/config +++ b/snap-src/bin/config @@ -3,7 +3,7 @@ # All supported keys are defined here together with descriptions and default values # list of supported keys -keys="DEBUG MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW EMAIL_NOTIFICATION_TIMEOUT CORS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_LOGIN_STYLE OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT OAUTH2_ID_MAP OAUTH2_USERNAME_MAP OAUTH2_FULLNAME_MAP OAUTH2_ID_TOKEN_WHITELIST_FIELDS OAUTH2_EMAIL_MAP OAUTH2_REQUEST_PERMISSIONS LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_AUTHENTICATION LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LDAP_EMAIL_MATCH_ENABLE LDAP_EMAIL_MATCH_REQUIRE LDAP_EMAIL_MATCH_VERIFIED LDAP_EMAIL_FIELD LDAP_SYNC_ADMIN_STATUS LDAP_SYNC_ADMIN_GROUPS HEADER_LOGIN_ID HEADER_LOGIN_FIRSTNAME HEADER_LOGIN_LASTNAME HEADER_LOGIN_EMAIL LOGOUT_WITH_TIMER LOGOUT_IN LOGOUT_ON_HOURS LOGOUT_ON_MINUTES DEFAULT_AUTHENTICATION_METHOD" +keys="DEBUG MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW EMAIL_NOTIFICATION_TIMEOUT CORS CORS_ALLOW_HEADERS CORS_EXPOSE_HEADERS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_LOGIN_STYLE OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT OAUTH2_ID_MAP OAUTH2_USERNAME_MAP OAUTH2_FULLNAME_MAP OAUTH2_ID_TOKEN_WHITELIST_FIELDS OAUTH2_EMAIL_MAP OAUTH2_REQUEST_PERMISSIONS LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_AUTHENTICATION LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LDAP_EMAIL_MATCH_ENABLE LDAP_EMAIL_MATCH_REQUIRE LDAP_EMAIL_MATCH_VERIFIED LDAP_EMAIL_FIELD LDAP_SYNC_ADMIN_STATUS LDAP_SYNC_ADMIN_GROUPS HEADER_LOGIN_ID HEADER_LOGIN_FIRSTNAME HEADER_LOGIN_LASTNAME HEADER_LOGIN_EMAIL LOGOUT_WITH_TIMER LOGOUT_IN LOGOUT_ON_HOURS LOGOUT_ON_MINUTES DEFAULT_AUTHENTICATION_METHOD" # default values DESCRIPTION_DEBUG="Debug OIDC OAuth2 etc. Example: sudo snap set wekan debug='true'" @@ -88,6 +88,14 @@ DESCRIPTION_CORS="Enable/disable CORS: Set Access-Control-Allow-Origin header. E DEFAULT_CORS="" KEY_CORS="cors" +DESCRIPTION_CORS_ALLOW_HEADERS="Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API." +DEFAULT_CORS_ALLOW_HEADERS="" +KEY_CORS_ALLOW_HEADERS="cors-allow-headers" + +DESCRIPTION_EXPOSE_HEADERS="Set Access-Control-Expose-Headers header. This is not needed for typical CORS situations. Example: *" +DEFAULT_CORS_EXPOSE_HEADERS="" +KEY_CORS_EXPOSE_HEADERS="cors-expose-headers" + DESCRIPTION_MATOMO_ADDRESS="The address of the server where matomo is hosted" DEFAULT_MATOMO_ADDRESS="" KEY_MATOMO_ADDRESS="matomo-address" @@ -170,8 +178,8 @@ DESCRIPTION_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="OAuth2 ID Token Whitelist Fields. DEFAULT_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="[]" KEY_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="oauth2-id-token-whitelist-fields" -DESCRIPTION_OAUTH2_REQUEST_PERMISSIONS="OAuth2 Request Permissions. Example: ['openid','profile','email']" -DEFAULT_OAUTH2_REQUEST_PERMISSIONS="['openid','profile','email']" +DESCRIPTION_OAUTH2_REQUEST_PERMISSIONS="OAuth2 Request Permissions. Example: 'openid profile email'" +DEFAULT_OAUTH2_REQUEST_PERMISSIONS="'openid profile email'" KEY_OAUTH2_REQUEST_PERMISSIONS="oauth2-request-permissions" DESCRIPTION_OAUTH2_EMAIL_MAP="OAuth2 Email Mapping. Example: email" diff --git a/snap-src/bin/wekan-help b/snap-src/bin/wekan-help index 56f418ff..f8509d4c 100755 --- a/snap-src/bin/wekan-help +++ b/snap-src/bin/wekan-help @@ -68,6 +68,16 @@ echo -e "\t$ snap set $SNAP_NAME cors='*'" echo -e "\t-Disable the CORS:" echo -e "\t$ snap set $SNAP_NAME cors=''" echo -e "\n" +echo -e "To enable the Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API." +echo -e "\t$ snap set $SNAP_NAME cors-allow-headers='Authorization,Content-Type'" +echo -e "\t-Disable the Set Access-Control-Allow-Headers header. \"Authorization,Content-Type\" is required for cross-origin use of the API." +echo -e "\t$ snap set $SNAP_NAME cors-allow-headers=''" +echo -e "\n" +echo -e "To enable the Set Access-Control-Expose-Headers header. This is not needed for typical CORS situations. Example: *" +echo -e "\t$ snap set $SNAP_NAME cors-expose-headers='*'" +echo -e "\t-Disable the Set Access-Control-Expose-Headers header. This is not needed for typical CORS situations. Example: ''" +echo -e "\t$ snap set $SNAP_NAME cors-expose-headers=''" +echo -e "\n" echo -e "Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside." echo -e "\t\t Setting this to false is not recommended, it also disables all other browser policy protections" echo -e "\t\t and allows all iframing etc. See wekan/server/policy.js" @@ -138,7 +148,7 @@ echo -e "\t$ snap set $SNAP_NAME oauth2-id-token-whitelist-fields=''" echo -e "\n" echo -e "OAuth2 Request Permissions." echo -e "To enable the OAuth2 Request Permissions of Wekan:" -echo -e "\t$ snap set $SNAP_NAME oauth2-request-permissions=\"['openid','profile','email']\"" +echo -e "\t$ snap set $SNAP_NAME oauth2-request-permissions=\"'openid profile email'\"" echo -e "\t-Disable the OAuth2 Request Permissions of Wekan:" echo -e "\t$ snap set $SNAP_NAME oauth2-request-permissions=''" echo -e "\n" |