liquid_feedback_frontend
changeset 1656:3fb752f4afcb
Cleanup of configuration files
author | bsw |
---|---|
date | Sun Feb 14 12:46:39 2021 +0100 (2021-02-14) |
parents | 036703d1b400 |
children | 4d5f30d8df4a |
files | app/main/_prefork/10_init.lua config/_ldap.lua config/_ldap_ad.lua config/_lf4rcs.lua config/example.lua |
line diff
1.1 --- a/app/main/_prefork/10_init.lua Fri Feb 12 17:59:21 2021 +0100 1.2 +++ b/app/main/_prefork/10_init.lua Sun Feb 14 12:46:39 2021 +0100 1.3 @@ -126,6 +126,10 @@ 1.4 if not config.oauth2.dynamic_registration_lifetime then 1.5 config.oauth2.dynamic_registration_lifetime = 60 * 60 * 24 1.6 end 1.7 + if config.oauth2.refresh_pause < config.oauth2.refresh_grace_period then 1.8 + print("ERROR: config.auth2.refresh_pause is smaller than config.oauth2.refresh_grace_period") 1.9 + os.exit() 1.10 + end 1.11 end 1.12 1.13 if not config.database then
2.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 2.2 +++ b/config/_ldap.lua Sun Feb 14 12:46:39 2021 +0100 2.3 @@ -0,0 +1,59 @@ 2.4 +config.ldap = { 2.5 + hosts = { 2.6 + { 2.7 + { uri = "ldap://192.168.1.1", tls = true, timeout = 5 }, 2.8 + { uri = "ldap://192.168.1.2", tls = true, timeout = 5 }, 2.9 + }, 2.10 + { uri = "ldap://192.168.1.3", tls = true, timeout = 5 }, 2.11 + }, 2.12 + base = "dc=example,dc=org", 2.13 + bind_as = { dn = "cn=admin,dc=example,dc=org", password = "secure" }, 2.14 + member = { 2.15 + registration = "auto", 2.16 + scope = "subtree", 2.17 + login_normalizer = function (login) 2.18 + return login:lower() 2.19 + end, 2.20 + login_filter_map = function (login) 2.21 + return "(uid=" .. ldap.escape_filter(login) .. ")" 2.22 + end, 2.23 + login_map = function (ldap_entry) 2.24 + return ldap_entry.uid[1] 2.25 + end, 2.26 + uid_filter_map = function (uid) 2.27 + return "(uidNumber=" .. ldap.escape_filter(uid) .. ")" 2.28 + end, 2.29 + uid_map = function (ldap_entry) 2.30 + return ldap_entry.uidNumber[1] 2.31 + end, 2.32 + fetch_attr = { "uid", "uidNumber", "givenName", "sn", "displayName", "memberof" }, 2.33 + attr_map = function (ldap_entry, member) 2.34 + member.identification = ldap_entry.givenName[1] .. " " .. ldap_entry.sn[1] 2.35 + member.name = ldap_entry.displayName[1] 2.36 + end, 2.37 + privilege_map = function (ldap_entry, member) 2.38 + local privileges 2.39 + if ldap_entry.dn:match("ou=people,dc=example,dc=org") then 2.40 + privileges = { 2.41 + { unit_id = 1, voting_right = true, polling_right = true }, 2.42 + { unit_id = 2, voting_right = true, polling_right = false }, 2.43 + { unit_id = 3, voting_right = false, polling_right = true } 2.44 + } 2.45 + elseif ldap_entry.dn:match("ou=employees,dc=example,dc=org$") then 2.46 + privileges = { 2.47 + { unit_id = 1, voting_right = false, polling_right = true }, 2.48 + { unit_id = 2, voting_right = false, polling_right = true }, 2.49 + { unit_id = 3, voting_right = true, polling_right = false } 2.50 + } 2.51 + elseif ldap_entry.dn:match("ou=member,dc=example,dc=org$") then 2.52 + privileges = { 2.53 + { unit_id = 1, voting_right = true, polling_right = false } 2.54 + } 2.55 + end 2.56 + return privileges 2.57 + end, 2.58 + cache_passwords = true, 2.59 + locked_profile_fields = { name = true } 2.60 + } 2.61 +} 2.62 +
3.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 3.2 +++ b/config/_ldap_ad.lua Sun Feb 14 12:46:39 2021 +0100 3.3 @@ -0,0 +1,66 @@ 3.4 +local function str2hex(s) 3.5 + local t = {string.byte(s, 1, #s)} 3.6 + local f = string.format 3.7 + for i = 1, #t do t[i] = f("\\%02x", t[i]) end 3.8 + return table.concat(t) 3.9 +end 3.10 + 3.11 +config.ldap = { 3.12 + hosts = { 3.13 + { uri = "ldap://192.168.1.1", tls = true, timeout = 5 }, 3.14 + { uri = "ldap://192.168.1.2", tls = true, timeout = 5 } 3.15 + }, 3.16 + base = "CN=Users,DC=example,DC=org", 3.17 + bind_as = { dn = "CN=LiquidFeedback Service,CN=Users,DC=example,DC=org", password = "secure" }, 3.18 + member = { 3.19 + registration = "auto", 3.20 + scope = "subtree", 3.21 + login_normalizer = function (login) 3.22 + return login:lower() 3.23 + end, 3.24 + login_filter_map = function (login) 3.25 + return "(sAMAccountName=" .. ldap.escape_filter(login) .. ")" 3.26 + end, 3.27 + login_map = function (ldap_entry) 3.28 + return ldap_entry.sAMAccountName[1] 3.29 + end, 3.30 + uid_filter_map = function (uid) 3.31 + return "(objectGUID=" .. uid .. ")" 3.32 + end, 3.33 + uid_map = function (ldap_entry) 3.34 + return str2hex(ldap_entry.objectGUID[1]) 3.35 + end, 3.36 + allowed_map = function (ldap_entry) 3.37 + local allowed = false 3.38 + if ldap_entry.memberOf then 3.39 + for i, group in ipairs(ldap_entry.memberOf) do 3.40 + if group == "CN=LiquidFeedback User,CN=Users,DC=example,DC=org" then 3.41 + allowed = true 3.42 + end 3.43 + end 3.44 + end 3.45 + return allowed 3.46 + end, 3.47 + fetch_attr = { "sAMAccountName", "objectGUID", "givenName", "name", "displayName", "memberOf" }, 3.48 + attr_map = function (ldap_entry, member) 3.49 + member.identification = ldap_entry.givenName[1] .. " " .. ldap_entry.name[1] 3.50 + member.name = ldap_entry.displayName[1] 3.51 + end, 3.52 + privilege_map = function (ldap_entry, member) 3.53 + local privileges = {} 3.54 + if ldap_entry.memberOf then 3.55 + for i, group in ipairs(ldap_entry.memberOf) do 3.56 + if group == "CN=LiquidFeedback User,CN=Users,DC=example,DC=org" then 3.57 + table.insert(privileges, 3.58 + { unit_id = 1, voting_right = true, polling_right = true } 3.59 + ) 3.60 + end 3.61 + end 3.62 + end 3.63 + return privileges 3.64 + end, 3.65 + cache_passwords = true, 3.66 + locked_profile_fields = { name = true } 3.67 + } 3.68 +} 3.69 +
4.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 4.2 +++ b/config/_lf4rcs.lua Sun Feb 14 12:46:39 2021 +0100 4.3 @@ -0,0 +1,115 @@ 4.4 +-- Configuration of lf4rcs 4.5 +-- ------------------------------------------------------------------------ 4.6 +config.lf4rcs = {} 4.7 + 4.8 +-- Example configuration for controlling a Git repository 4.9 + 4.10 +config.lf4rcs.git = { 4.11 + 4.12 + render_draft_reference = function(url, draft) 4.13 + if not draft.external_reference then return end 4.14 + ui.tag{ content = _"Changeset:" } 4.15 + slot.put(" ") 4.16 + ui.link{ 4.17 + text = draft.external_reference, 4.18 + external = url .. ";a=commit;h=" .. draft.external_reference 4.19 + } 4.20 + end, 4.21 + 4.22 + get_remote_user = function() 4.23 + return os.getenv("REMOTE_USER") 4.24 + end, 4.25 + 4.26 + get_branches = function(path, exec) 4.27 + local branches = {} 4.28 + for line in io.lines() do 4.29 + local oldrev, newrev, branch = string.match(line, "([^ ]+) ([^ ]+) refs/heads/(.+)") 4.30 + if not branch then 4.31 + return nil, "unexpected format from git hook environment" 4.32 + end 4.33 + branches[branch] = { newrev } 4.34 + end 4.35 + return branches 4.36 + end, 4.37 + 4.38 + commit = function(path, exec, branch, target_node_id, close_message, merge_message) 4.39 + if merge_message then 4.40 + exec("git", "-C", path, "checkout", "-f", "master") 4.41 + exec("git", "-C", path, "merge", target_node_id, "-m", merge_message) 4.42 + exec("git", "-C", path, "push", "origin", "master") 4.43 + end 4.44 + end 4.45 + 4.46 +} 4.47 + 4.48 +-- Example configuration for controlling a Mercurial repository 4.49 +config.lf4rcs.hg = { 4.50 + 4.51 + working_branch_name = "work", 4.52 + 4.53 + render_draft_reference = function(url, draft) 4.54 + if not draft.external_reference then return end 4.55 + ui.tag{ content = _"Changeset graph:" } 4.56 + slot.put(" ") 4.57 + ui.link{ 4.58 + text = draft.external_reference, 4.59 + external = url .. "/graph/" .. draft.external_reference 4.60 + } 4.61 + end, 4.62 + 4.63 + get_remote_user = function() 4.64 + return os.getenv("REMOTE_USER") 4.65 + end, 4.66 + 4.67 + get_branches = function(path, exec) 4.68 + local first_node_id = os.getenv("HG_NODE") 4.69 + if not first_node_id then 4.70 + return nil, "internal error, no first node ID available" 4.71 + end 4.72 + local hg_log = exec( 4.73 + "hg", "log", "-R", path, "-r", first_node_id .. ":", "--template", "{branches}\n" 4.74 + ) 4.75 + local branches = {} 4.76 + for branch in hg_log:gmatch("(.-)\n") do 4.77 + if branch == "" then branch = "default" end 4.78 + if not branches[branch] then 4.79 + branches[branch] = {} 4.80 + local head_lines = exec( 4.81 + "hg", "heads", "-R", path, "--template", "{node}\n", branch 4.82 + ) 4.83 + for node_id in string.gmatch(head_lines, "[^\n]+") do 4.84 + table.insert(branches[branch], node_id) 4.85 + end 4.86 + end 4.87 + end 4.88 + return branches 4.89 + end, 4.90 + 4.91 + extra_checks = function(path, exec) 4.92 + local result = exec("hg", "heads", "-t", "-c") 4.93 + for branch in string.gmatch(result, "[^\n]+") do 4.94 + if branch == lf4rcs.config.hg.working_branch_name then 4.95 + return nil, "open head found for branch " .. lf4rcs.config.hg.working_branch_name 4.96 + end 4.97 + end 4.98 + return true 4.99 + end, 4.100 + 4.101 + commit = function(path, exec, branch, target_node_id, close_message, merge_message) 4.102 + exec("hg", "up", "-R", path, "-C", "-r", target_node_id) 4.103 + exec("hg", "commit", "-R", path, "--close-branch", "-m", close_message) 4.104 + if merge_message then 4.105 + exec("hg", "up", "-R", path, "-C", "-r", "default") 4.106 + exec("hg", "merge", "-R", path, "-r", "tip") 4.107 + exec("hg", "commit", "-R", path, "-m", merge_message) 4.108 + end 4.109 + end 4.110 + 4.111 +} 4.112 + 4.113 +-- Grace period after creating an initiative for pushing changes during verification phase 4.114 +-- disabled by default (nil), use PostgreSQL interval notation 4.115 +-- config.lf4rcs.push_grace_period = nil 4.116 + 4.117 +lf4rcs.init() 4.118 +
5.1 --- a/config/example.lua Fri Feb 12 17:59:21 2021 +0100 5.2 +++ b/config/example.lua Sun Feb 14 12:46:39 2021 +0100 5.3 @@ -4,40 +4,7 @@ 5.4 5.5 -- Name of this instance, defaults to name of config file 5.6 -- ------------------------------------------------------------------------ 5.7 -config.instance_name = "Instance name" 5.8 - 5.9 - 5.10 --- Information about service provider (HTML) 5.11 --- ------------------------------------------------------------------------ 5.12 -config.app_service_provider = "Snake Oil<br/>10000 Berlin<br/>Germany" 5.13 - 5.14 - 5.15 --- A HTML formatted text the user has to accept while registering 5.16 --- ------------------------------------------------------------------------ 5.17 -config.use_terms = "<h1>Terms of Use</h1><p>Insert terms here</p>" 5.18 - 5.19 - 5.20 --- Checkbox(es) the user has to accept while registering 5.21 --- ------------------------------------------------------------------------ 5.22 ---[[ 5.23 -config.use_terms_checkboxes = { 5.24 - { 5.25 - name = "terms_of_use_v1", 5.26 - html = "I accept the terms of use.", 5.27 - not_accepted_error = "You have to accept the terms of use to be able to register." 5.28 - }, 5.29 - { 5.30 - name = "extra_terms_of_use_v1", 5.31 - html = "I accept the extra terms of use.", 5.32 - not_accepted_error = "You have to accept the extra terms of use to be able to register." 5.33 - } 5.34 -} 5.35 ---]] 5.36 - 5.37 --- Absolute base url of application 5.38 --- ------------------------------------------------------------------------ 5.39 -config.absolute_base_url = "http://example.com/" 5.40 -config.localhost = false 5.41 +config.instance_name = "Example Organisation" 5.42 5.43 5.44 -- Connection information for the LiquidFeedback database 5.45 @@ -45,31 +12,32 @@ 5.46 config.database = { engine='postgresql', dbname='liquid_feedback' } 5.47 5.48 5.49 --- Location of the rocketwiki binaries 5.50 +-- Absolute base url of application 5.51 +-- ------------------------------------------------------------------------ 5.52 +config.absolute_base_url = "https://example.org/" 5.53 + 5.54 + 5.55 +-- Network interface to bind to 5.56 +-- ------------------------------------------------------------------------ 5.57 +-- Available options: 5.58 +-- true: bind to localhost (default) 5.59 +-- false: bind to all interface 5.60 -- ------------------------------------------------------------------------ 5.61 -config.enforce_formatting_engine = "markdown2" 5.62 -config.formatting_engines = { 5.63 - { id = "markdown2", 5.64 - name = "python-markdown2", 5.65 - executable = "markdown2", 5.66 - args = {'-s', 'escape', '-x', 'nofollow,wiki-tables'}, 5.67 - remove_images = true 5.68 - }, 5.69 --- { id = "markdown_py", 5.70 --- name = "Python Markdown", 5.71 --- executable = "markdown_py", 5.72 --- args = {'-s', 'escape', '-x', 'extra', '-x', 'nl2br', '-x', 'sane_lists'}, 5.73 --- remove_images = true 5.74 --- }, 5.75 --- { id = "rocketwiki", 5.76 --- name = "RocketWiki", 5.77 --- executable = "/opt/rocketwiki-lqfb/rocketwiki-lqfb" 5.78 --- }, 5.79 --- { id = "compat", 5.80 --- name = "Traditional WIKI syntax", 5.81 --- executable = "/opt/rocketwiki-lqfb/rocketwiki-lqfb-compat" 5.82 --- }, 5.83 -} 5.84 +-- config.localhost = true 5.85 + 5.86 + 5.87 +-- Network port to bind to, default port 8080 5.88 +-- ------------------------------------------------------------------------ 5.89 +-- config.port = 8080 5.90 + 5.91 + 5.92 +-- Serving content via IPV6 5.93 +-- ------------------------------------------------------------------------ 5.94 +-- Available options: 5.95 +-- nil or false: do not serve via IPv6 (default) 5.96 +-- true: serve via IPv6 5.97 +-- ------------------------------------------------------------------------ 5.98 +-- config.ipv6 = false 5.99 5.100 5.101 -- Public access level 5.102 @@ -88,7 +56,12 @@ 5.103 -- "everything" 5.104 -- -> Show everything a member can see, including profile pages 5.105 -- ------------------------------------------------------------------------ 5.106 -config.public_access = "authors_pseudonymous" 5.107 +config.public_access = "none" 5.108 + 5.109 + 5.110 +-- Information about service provider (HTML) 5.111 +-- ------------------------------------------------------------------------ 5.112 +config.app_service_provider = "Snake Oil<br/>10000 Berlin<br/>Germany" 5.113 5.114 5.115 5.116 @@ -97,15 +70,6 @@ 5.117 -- Remove leading -- to use a option 5.118 -- ======================================================================== 5.119 5.120 --- Disable registration 5.121 --- ------------------------------------------------------------------------ 5.122 --- Available options: 5.123 --- false: registration is enabled (default) 5.124 --- true: registration is disabled 5.125 --- ------------------------------------------------------------------------ 5.126 --- config.disable_registration = true 5.127 - 5.128 - 5.129 -- List of enabled languages, defaults to available languages 5.130 -- ------------------------------------------------------------------------ 5.131 -- config.enabled_languages = { 'en', 'de', 'eo', 'el', 'hu', 'it', 'ka', 'nl', 'zh-Hans', 'zh-TW' } 5.132 @@ -116,6 +80,35 @@ 5.133 -- config.default_lang = "en" 5.134 5.135 5.136 +-- Disable registration 5.137 +-- ------------------------------------------------------------------------ 5.138 +-- Available options: 5.139 +-- false: registration is enabled (default) 5.140 +-- true: registration is disabled 5.141 +-- ------------------------------------------------------------------------ 5.142 +-- config.disable_registration = true 5.143 + 5.144 + 5.145 +-- A HTML formatted text the user has to accept while registering 5.146 +-- ------------------------------------------------------------------------ 5.147 +-- config.use_terms = "<h1>Terms of Use</h1><p>Insert terms here</p>" 5.148 + 5.149 + 5.150 +-- Checkbox(es) the user has to accept while registering 5.151 +-- ------------------------------------------------------------------------ 5.152 +-- config.use_terms_checkboxes = { 5.153 +-- { 5.154 +-- name = "terms_of_use_v1", 5.155 +-- html = "I accept the terms of use.", 5.156 +-- not_accepted_error = "You have to accept the terms of use to be able to register." 5.157 +-- }, 5.158 +-- { 5.159 +-- name = "extra_terms_of_use_v1", 5.160 +-- html = "I accept the extra terms of use.", 5.161 +-- not_accepted_error = "You have to accept the extra terms of use to be able to register." 5.162 +-- } 5.163 +-- } 5.164 + 5.165 -- after how long is a user considered inactive and the trustee will see warning, 5.166 -- notation is according to postgresql intervals, default: no warning at all 5.167 -- ------------------------------------------------------------------------ 5.168 @@ -125,8 +118,8 @@ 5.169 -- after which time a user is advised (_soft) or forced (_hard) to check 5.170 -- unit and area delegations. default: no check at all 5.171 -- ------------------------------------------------------------------------ 5.172 +-- config.check_delegations_interval_soft = "3 months" 5.173 -- config.check_delegations_interval_hard = "6 months" 5.174 --- config.check_delegations_interval_soft = "3 months" 5.175 5.176 5.177 -- default option when checking delegations 5.178 @@ -174,11 +167,6 @@ 5.179 -- config.password_hash_max_rounds = 20000 5.180 5.181 5.182 --- Supply custom url for avatar/photo delivery 5.183 --- ------------------------------------------------------------------------ 5.184 --- config.fastpath_url_func = nil 5.185 - 5.186 - 5.187 -- Local directory for database dumps offered for download 5.188 -- ------------------------------------------------------------------------ 5.189 -- config.download_dir = nil 5.190 @@ -197,6 +185,32 @@ 5.191 -- photo = function(data) return extos.pfilter(data, "convert", "jpeg:-", "-thumbnail", "240x240", "jpeg:-") end 5.192 --} 5.193 5.194 +-- Initiative attachments 5.195 +-- ------------------------------------------------------------------------ 5.196 +-- config.attachments = {} 5.197 + 5.198 +-- Conversion function for recoding attachments 5.199 +-- ------------------------------------------------------------------------ 5.200 +-- config.attachments.convert_func = function(data) 5.201 +-- return extos.pfilter(data, "convert", "jpeg:-", "-thumbnail", "240x240", "jpeg:-") 5.202 +-- end 5.203 + 5.204 +-- Custom UI colors, defaults to green/blue 5.205 +-- ------------------------------------------------------------------------ 5.206 +-- config.style = { 5.207 +-- color_md = { 5.208 +-- primary = "green", 5.209 +-- primary_contrast = "dark", 5.210 +-- accent = "blue", 5.211 +-- accent_contrast = "dark" 5.212 +-- } 5.213 +-- } 5.214 + 5.215 +-- Member profile fields, defaults to no extra fields 5.216 +-- ------------------------------------------------------------------------ 5.217 +-- config.member_profile_fields = {} 5.218 + 5.219 + 5.220 5.221 -- Display a html formatted public message of the day 5.222 -- ------------------------------------------------------------------------ 5.223 @@ -208,16 +222,6 @@ 5.224 -- config.motd_intern = "<h1>Message of the day (intern)</h1><p>The MOTD is formatted with HTML</p>" 5.225 5.226 5.227 --- Integration of Etherpad, disabled by default 5.228 --- ------------------------------------------------------------------------ 5.229 ---config.etherpad = { 5.230 --- base_url = "http://example.com:9001/", 5.231 --- api_base = "http://localhost:9001/", 5.232 --- api_key = "mysecretapikey", 5.233 --- group_id = "mygroupname", 5.234 --- cookie_path = "/" 5.235 ---} 5.236 - 5.237 5.238 -- Free timings 5.239 -- ------------------------------------------------------------------------ 5.240 @@ -264,121 +268,6 @@ 5.241 } 5.242 --]] 5.243 5.244 --- Configuration of lf4rcs 5.245 --- ------------------------------------------------------------------------ 5.246 --- config.lf4rc = {} 5.247 - 5.248 --- Example configuration for controlling a Git repository 5.249 ---[[ 5.250 -config.lf4rcs.git = { 5.251 - 5.252 - render_draft_reference = function(url, draft) 5.253 - if not draft.external_reference then return end 5.254 - ui.tag{ content = _"Changeset:" } 5.255 - slot.put(" ") 5.256 - ui.link{ 5.257 - text = draft.external_reference, 5.258 - external = url .. ";a=commit;h=" .. draft.external_reference 5.259 - } 5.260 - end, 5.261 - 5.262 - get_remote_user = function() 5.263 - return os.getenv("REMOTE_USER") 5.264 - end, 5.265 - 5.266 - get_branches = function(path, exec) 5.267 - local branches = {} 5.268 - for line in io.lines() do 5.269 - local oldrev, newrev, branch = string.match(line, "([^ ]+) ([^ ]+) refs/heads/(.+)") 5.270 - if not branch then 5.271 - return nil, "unexpected format from git hook environment" 5.272 - end 5.273 - branches[branch] = { newrev } 5.274 - end 5.275 - return branches 5.276 - end, 5.277 - 5.278 - commit = function(path, exec, branch, target_node_id, close_message, merge_message) 5.279 - if merge_message then 5.280 - exec("git", "-C", path, "checkout", "-f", "master") 5.281 - exec("git", "-C", path, "merge", target_node_id, "-m", merge_message) 5.282 - exec("git", "-C", path, "push", "origin", "master") 5.283 - end 5.284 - end 5.285 - 5.286 -} 5.287 - 5.288 --- Example configuration for controlling a Mercurial repository 5.289 -config.lf4rcs.hg = { 5.290 - 5.291 - working_branch_name = "work", 5.292 - 5.293 - render_draft_reference = function(url, draft) 5.294 - if not draft.external_reference then return end 5.295 - ui.tag{ content = _"Changeset graph:" } 5.296 - slot.put(" ") 5.297 - ui.link{ 5.298 - text = draft.external_reference, 5.299 - external = url .. "/graph/" .. draft.external_reference 5.300 - } 5.301 - end, 5.302 - 5.303 - get_remote_user = function() 5.304 - return os.getenv("REMOTE_USER") 5.305 - end, 5.306 - 5.307 - get_branches = function(path, exec) 5.308 - local first_node_id = os.getenv("HG_NODE") 5.309 - if not first_node_id then 5.310 - return nil, "internal error, no first node ID available" 5.311 - end 5.312 - local hg_log = exec( 5.313 - "hg", "log", "-R", path, "-r", first_node_id .. ":", "--template", "{branches}\n" 5.314 - ) 5.315 - local branches = {} 5.316 - for branch in hg_log:gmatch("(.-)\n") do 5.317 - if branch == "" then branch = "default" end 5.318 - if not branches[branch] then 5.319 - branches[branch] = {} 5.320 - local head_lines = exec( 5.321 - "hg", "heads", "-R", path, "--template", "{node}\n", branch 5.322 - ) 5.323 - for node_id in string.gmatch(head_lines, "[^\n]+") do 5.324 - table.insert(branches[branch], node_id) 5.325 - end 5.326 - end 5.327 - end 5.328 - return branches 5.329 - end, 5.330 - 5.331 - extra_checks = function(path, exec) 5.332 - local result = exec("hg", "heads", "-t", "-c") 5.333 - for branch in string.gmatch(result, "[^\n]+") do 5.334 - if branch == lf4rcs.config.hg.working_branch_name then 5.335 - return nil, "open head found for branch " .. lf4rcs.config.hg.working_branch_name 5.336 - end 5.337 - end 5.338 - return true 5.339 - end, 5.340 - 5.341 - commit = function(path, exec, branch, target_node_id, close_message, merge_message) 5.342 - exec("hg", "up", "-R", path, "-C", "-r", target_node_id) 5.343 - exec("hg", "commit", "-R", path, "--close-branch", "-m", close_message) 5.344 - if merge_message then 5.345 - exec("hg", "up", "-R", path, "-C", "-r", "default") 5.346 - exec("hg", "merge", "-R", path, "-r", "tip") 5.347 - exec("hg", "commit", "-R", path, "-m", merge_message) 5.348 - end 5.349 - end 5.350 - 5.351 -} 5.352 - 5.353 --- Grace period after creating an initiative for pushing changes during verification phase 5.354 --- disabled by default (nil), use PostgreSQL interval notation 5.355 --- config.lf4rcs.push_grace_period = nil 5.356 - 5.357 -lf4rcs.init() 5.358 ---]] 5.359 5.360 -- External references 5.361 -- ------------------------------------------------------------------------ 5.362 @@ -399,45 +288,44 @@ 5.363 end 5.364 --]] 5.365 5.366 + 5.367 +-- Configuration of OAuth2 service, defaults to OAuth2 disabled 5.368 +-- ------------------------------------------------------------------------ 5.369 +-- config.oauth2 = {} 5.370 + 5.371 +-- Additional scopes 5.372 +-- config.oauth2.available_scopes = { 5.373 +-- { scope = "privA", name = { de = "Beispielprivileg A", en = "Example privilege A" } }, 5.374 +-- { scope = "privB", name = { de = "Beispielprivileg B", en = "Example privilege B" } } 5.375 +-- } 5.376 + 5.377 +-- OAuth2 endpoint magic string for dynamic app registration 5.378 +-- ------------------------------------------------------------------------ 5.379 +-- config.oauth2.endpoint_magic = "liquidfeedback_client_redirection_endpoint" 5.380 + 5.381 +-- OAuth2 Token lifetime and timings 5.382 +-- ------------------------------------------------------------------------ 5.383 +-- config.oauth2.authorization_code_lifetime = 5 * 60 5.384 +-- config.oauth2.refresh_token_lifetime = 60 * 60 * 24 * 30 * 3 5.385 +-- config.oauth2.refresh_pause = 60 5.386 +-- config.oauth2.refresh_grace_period = 60 5.387 +-- config.oauth2.access_token_lifetime = 60 * 60 5.388 + 5.389 + 5.390 + 5.391 -- Admin logger 5.392 -- ------------------------------------------------------------------------ 5.393 -- Logging administrative activities 5.394 -- disabled by default 5.395 5.396 ---[[ 5.397 -config.admin_logger = function(params) 5.398 - 5.399 - local adminid = app.session.member_id 5.400 - local adminname = app.session.member.name 5.401 - local url = params._webmcp_path 5.402 - 5.403 - -- do something (e.g. calling 'logger' via extos.pfilter) 5.404 - 5.405 -end 5.406 ---]] 5.407 +-- config.admin_logger = function(params) 5.408 +-- local adminid = app.session.member_id 5.409 +-- local adminname = app.session.member.name 5.410 +-- local url = params._webmcp_path 5.411 +-- -- do something (e.g. calling 'logger' via extos.pfilter) 5.412 +-- end 5.413 5.414 5.415 --- Network interface to bind to 5.416 --- ------------------------------------------------------------------------ 5.417 --- Available options: 5.418 --- true: bind to localhost (default) 5.419 --- false: bind to all interface 5.420 --- ------------------------------------------------------------------------ 5.421 --- config.localhost = true 5.422 - 5.423 - 5.424 --- Network port to bind to 5.425 --- ------------------------------------------------------------------------ 5.426 --- config.port = 8080 5.427 - 5.428 - 5.429 --- Serving content via IPV6 5.430 --- ------------------------------------------------------------------------ 5.431 --- Available options: 5.432 --- nil or false: do not serve via IPv6 (default) 5.433 --- true: serve via IPv6 5.434 --- ------------------------------------------------------------------------ 5.435 --- config.ipv6 = false 5.436 5.437 5.438 -- Application server fork configuration 5.439 @@ -483,28 +371,42 @@ 5.440 -- ------------------------------------------------------------------------ 5.441 -- uncomment the following line to enable debug trace 5.442 -- ------------------------------------------------------------------------ 5.443 -config.enable_debug_trace = true 5.444 +-- config.enable_debug_trace = true 5.445 + 5.446 + 5.447 +-- Configuration of lf4rcs, disabled by default 5.448 +-- for example configration see _lf4rcs.lua 5.449 +-- ------------------------------------------------------------------------ 5.450 +-- execute.config("_lf4rcs") 5.451 + 5.452 + 5.453 +-- Configuration of ldap authentication, disabled by default 5.454 +-- for example configration, see _ldap.lua 5.455 +-- for active directory example, see _ldap_ad.lua 5.456 +-- ------------------------------------------------------------------------ 5.457 +-- execute.config("_ldap") 5.458 +-- execute.config("_ldap_ad") 5.459 5.460 5.461 -config.fork = { 5.462 - pre =1, min = 1, max = 1, max_requests = 1, min_requests = 1 5.463 -} 5.464 - 5.465 -config.localhost = true 5.466 +-- Integration of Etherpad, disabled by default 5.467 +-- ------------------------------------------------------------------------ 5.468 +--config.etherpad = { 5.469 +-- base_url = "http://example.com:9001/", 5.470 +-- api_base = "http://localhost:9001/", 5.471 +-- api_key = "mysecretapikey", 5.472 +-- group_id = "mygroupname", 5.473 +-- cookie_path = "/" 5.474 +--} 5.475 5.476 -config.oauth2 = { 5.477 - available_scopes = { 5.478 - { scope = "read", name = { de = "Lesen", en = "Read data" } }, 5.479 - { scope = "write", name = { de = "Schreiben", en = "Write data" } }, 5.480 - { scope = "privA", name = { de = "Beispielprivileg A", en = "Example privilege A" } }, 5.481 - { scope = "privB", name = { de = "Beispielprivileg B", en = "Example privilege B" } } 5.482 - }, 5.483 - authorization_code_lifetime = 5 * 60, 5.484 - refresh_token_lifetime = 60 * 60 * 24 * 30 * 3, 5.485 - refresh_pause = 60, 5.486 - refresh_grace_period = 60, 5.487 - access_token_lifetime = 60 * 60, 5.488 - -- NOTE for init.lua : check for refresh_pause >= refresh_grace_period 5.489 - endpoint_magic = "liquidfeedback_client_redirection_endpoint" 5.490 +-- Integration of FirstLife 5.491 +-- ------------------------------------------------------------------------ 5.492 +--[[ 5.493 +config.firstlife = { 5.494 + coordinates = "", 5.495 + areaviewer_url = "about:blank", 5.496 + inputmap_url = "about:blank" 5.497 } 5.498 +config.allow_new_draft_callback = true 5.499 +--]] 5.500 5.501 +