WIP contribution nav

2023-06-12 14:32:59 +02:00
187 changed files with 825 additions and 5716 deletions
--- a/.drone.yml
+++ b/.drone.yml
@@ -12,16 +12,14 @@ steps:
    settings:
      restore: true
      mount:
-      - ./vendor/cache
+      - ./vendor
    when:
      branch:
        - master
  - name: rspec
-    image: gitea.kosmos.org/kosmos/akkounts-ci:0.1.0
+    image: guildeducation/rails:2.7.2-14.20.0
    environment:
      RAILS_ENV: test
      REDIS_URL: redis://redis:6379/0
      RS_REDIS_URL: redis://redis:6379/1
    commands:
      - bundle config unset deployment
      - bundle config set cache_all 'true'
@@ -39,15 +37,11 @@ steps:
    settings:
      rebuild: true
      mount:
-      - ./vendor/cache
+      - ./vendor
    when:
      branch:
        - master
 services:
  - name: redis
    image: redis
 volumes:
  - name: cache
    host:
--- a/.env.example
+++ b/.env.example
@@ -1,4 +1,3 @@
 PRIMARY_DOMAIN=kosmos.org
 AKKOUNTS_DOMAIN=accounts.example.com
 SMTP_SERVER=smtp.example.com
@@ -10,40 +9,27 @@ SMTP_DOMAIN=example.com
 SMTP_AUTH_METHOD=plain
 SMTP_ENABLE_STARTTLS=auto
-# S3_ENABLED=true
+REDIS_URL='redis://localhost:6379/1'
 # S3_ENDPOINT=https://s3.kosmos.org
 # S3_REGION=garage
 # S3_BUCKET=akkounts-production
 # S3_ALIAS_HOST=accounts.s3.kosmos.org
 # S3_ACCESS_KEY=123456abcdefg
 # S3_SECRET_KEY=123456789123456789123456789
 LDAP_HOST=localhost
 LDAP_PORT=389
 LDAP_ADMIN_PASSWORD=passthebutter
 LDAP_SUFFIX='dc=kosmos,dc=org'
 REDIS_URL='redis://localhost:6379/1'
 WEBHOOKS_ALLOWED_IPS='10.1.1.163'
 DISCOURSE_PUBLIC_URL='https://community.kosmos.org'
 DISCOURSE_CONNECT_SECRET='discourse_connect_ftw'
 DRONECI_PUBLIC_URL='https://drone.kosmos.org'
 GITEA_PUBLIC_URL='https://gitea.kosmos.org'
 MASTODON_PUBLIC_URL='https://kosmos.social'
 MEDIAWIKI_PUBLIC_URL='https://wiki.kosmos.org'
 RS_STORAGE_URL='https://storage.kosmos.org'
 RS_REDIS_URL='redis://localhost:6379/2'
 EJABBERD_ADMIN_URL='https://xmpp.kosmos.org/admin'
 EJABBERD_API_URL='https://xmpp.kosmos.org/api'
 BTCPAY_API_URL='http://localhost:23001/api/v1'
 BTCPAY_STORE_ID=''
 BTCPAY_AUTH_TOKEN=''
 LNDHUB_API_URL='http://localhost:3023'
 LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
--- a/.env.test
+++ b/.env.test
@@ -1,20 +1,14 @@
 PRIMARY_DOMAIN=kosmos.org
 REDIS_URL='redis://localhost:6379/0'
 BTCPAY_API_URL='http://btcpay.example.com/api/v1'
 BTCPAY_STORE_ID='123456'
 DISCOURSE_PUBLIC_URL='http://discourse.example.com'
 DISCOURSE_CONNECT_SECRET='discourse_connect_ftw'
 EJABBERD_API_URL='http://xmpp.example.com/api'
 BTCPAY_API_URL='http://btcpay.example.com/api/v1'
 LNDHUB_API_URL='http://localhost:3026'
 LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
 LNDHUB_PUBLIC_KEY='024cd3be18617f39cf645851e3ba63f51fc13f0bb09e3bb25e6fd4de556486d946'
 RS_STORAGE_URL='https://storage.kosmos.org'
 RS_REDIS_URL='redis://localhost:6379/1'
 WEBHOOKS_ALLOWED_IPS='10.1.1.23'
--- a/.gitea/release-drafter.yml
+++ b/.gitea/release-drafter.yml
@@ -7,7 +7,6 @@ version-resolver:
  minor:
    labels:
      - 'release/minor'
      - 'feature'
  patch:
    labels:
      - 'release/patch'
--- a/.gitignore
+++ b/.gitignore
@@ -23,7 +23,6 @@
 !/tmp/pids/
 !/tmp/pids/.keep
 /storage
 /public/assets
 .byebug_history
@@ -40,7 +39,6 @@ yarn-debug.log*
 # Ignore local dotenv config file
 .env
 .env.development
 # Ignore redis dumps from sidekiq
 dump.rdb
--- a/8
+++ b/8
@@ -4,14 +4,14 @@ FROM ruby:2.7.6
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN apt-get update -qq && apt-get install -y --no-install-recommends curl \
-      ldap-utils tini libvips
+      ldap-utils tini
 RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
 RUN apt-get update && apt-get install -y nodejs
 WORKDIR /akkounts
-
+COPY Gemfile /akkounts/Gemfile
-COPY ["Gemfile", "Gemfile.lock", "package.json", "./"]
+COPY Gemfile.lock /akkounts/Gemfile.lock
-
+COPY package.json /akkounts/package.json
 RUN bundle install
 RUN gem install foreman
 RUN npm install -g yarn
--- a/13
+++ b/13
@@ -37,7 +37,6 @@ gem 'devise_ldap_authenticatable'
 gem 'net-ldap'
 # Utilities
 gem "image_processing", "~> 1.12.2"
 gem "rqrcode", "~> 2.0"
 gem 'rails-settings-cached', '~> 2.8.3'
 gem 'pagy', '~> 6.0', '>= 6.0.2'
@@ -47,28 +46,22 @@ gem 'flipper-ui'
 # HTTP requests
 gem 'faraday'
 gem 'down'
 gem 'aws-sdk-s3', require: false
 # Background/scheduled jobs
 gem 'sidekiq', '< 7'
 gem 'sidekiq-scheduler'
 # Service integrations
 gem 'discourse_api'
 # Monitoring
 gem "sentry-ruby"
 gem "sentry-rails"
 # Services
 gem 'discourse_api'
 gem "lnurl"
 gem 'manifique', git: 'https://gitea.kosmos.org/5apps/manifique.git', branch: 'master'
 gem 'nostr', git: 'https://gitea.kosmos.org/kosmos/nostr-gem.git', branch: 'feature/ruby_2.7_compat'
 group :development, :test do
  # Use sqlite3 as the database for Active Record
  gem 'sqlite3', '~> 1.4'
  gem 'rspec-rails'
  gem 'rails-controller-testing'
  gem "byebug", "~> 11.1"
 end
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,126 +1,81 @@
 GIT
  remote: https://gitea.kosmos.org/5apps/manifique.git
  revision: 8d79113438ee7c3e4288f840a135622519cffd5c
  branch: master
  specs:
    manifique (0.1.0)
      faraday (~> 2.7.11)
      faraday-follow_redirects (= 0.3.0)
      nokogiri (~> 1.15.4)
 GIT
  remote: https://gitea.kosmos.org/kosmos/nostr-gem.git
  revision: 596529d9eb50d13b3f385245636698fccf37b442
  branch: feature/ruby_2.7_compat
  specs:
    nostr (0.4.0)
      bech32 (~> 1.3)
      bip-schnorr (~> 0.4)
      ecdsa (~> 1.2)
      event_emitter (~> 0.2)
      faye-websocket (~> 0.11)
      json (~> 2.6)
 GEM
  remote: https://rubygems.org/
  specs:
-    actioncable (7.0.8)
+    actioncable (7.0.4)
-      actionpack (= 7.0.8)
+      actionpack (= 7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
      nio4r (~> 2.0)
      websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.8)
+    actionmailbox (7.0.4)
-      actionpack (= 7.0.8)
+      actionpack (= 7.0.4)
-      activejob (= 7.0.8)
+      activejob (= 7.0.4)
-      activerecord (= 7.0.8)
+      activerecord (= 7.0.4)
-      activestorage (= 7.0.8)
+      activestorage (= 7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
      mail (>= 2.7.1)
      net-imap
      net-pop
      net-smtp
-    actionmailer (7.0.8)
+    actionmailer (7.0.4)
-      actionpack (= 7.0.8)
+      actionpack (= 7.0.4)
-      actionview (= 7.0.8)
+      actionview (= 7.0.4)
-      activejob (= 7.0.8)
+      activejob (= 7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
      mail (~> 2.5, >= 2.5.4)
      net-imap
      net-pop
      net-smtp
      rails-dom-testing (~> 2.0)
-    actionpack (7.0.8)
+    actionpack (7.0.4)
-      actionview (= 7.0.8)
+      actionview (= 7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
-      rack (~> 2.0, >= 2.2.4)
+      rack (~> 2.0, >= 2.2.0)
      rack-test (>= 0.6.3)
      rails-dom-testing (~> 2.0)
      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (7.0.8)
+    actiontext (7.0.4)
-      actionpack (= 7.0.8)
+      actionpack (= 7.0.4)
-      activerecord (= 7.0.8)
+      activerecord (= 7.0.4)
-      activestorage (= 7.0.8)
+      activestorage (= 7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
      globalid (>= 0.6.0)
      nokogiri (>= 1.8.5)
-    actionview (7.0.8)
+    actionview (7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
      builder (~> 3.1)
      erubi (~> 1.4)
      rails-dom-testing (~> 2.0)
      rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (7.0.8)
+    activejob (7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
      globalid (>= 0.3.6)
-    activemodel (7.0.8)
+    activemodel (7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
-    activerecord (7.0.8)
+    activerecord (7.0.4)
-      activemodel (= 7.0.8)
+      activemodel (= 7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
-    activestorage (7.0.8)
+    activestorage (7.0.4)
-      actionpack (= 7.0.8)
+      actionpack (= 7.0.4)
-      activejob (= 7.0.8)
+      activejob (= 7.0.4)
-      activerecord (= 7.0.8)
+      activerecord (= 7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
      marcel (~> 1.0)
      mini_mime (>= 1.1.0)
-    activesupport (7.0.8)
+    activesupport (7.0.4)
      concurrent-ruby (~> 1.0, >= 1.0.2)
      i18n (>= 1.6, < 2)
      minitest (>= 5.1)
      tzinfo (~> 2.0)
-    addressable (2.8.5)
+    addressable (2.8.1)
      public_suffix (>= 2.0.2, < 6.0)
    ast (2.4.2)
    aws-eventstream (1.2.0)
    aws-partitions (1.839.0)
    aws-sdk-core (3.185.1)
      aws-eventstream (~> 1, >= 1.0.2)
      aws-partitions (~> 1, >= 1.651.0)
      aws-sigv4 (~> 1.5)
      jmespath (~> 1, >= 1.6.1)
    aws-sdk-kms (1.72.0)
      aws-sdk-core (~> 3, >= 3.184.0)
      aws-sigv4 (~> 1.1)
    aws-sdk-s3 (1.136.0)
      aws-sdk-core (~> 3, >= 3.181.0)
      aws-sdk-kms (~> 1)
      aws-sigv4 (~> 1.6)
    aws-sigv4 (1.6.0)
      aws-eventstream (~> 1, >= 1.0.2)
    backport (1.2.0)
-    base64 (0.1.1)
+    bcrypt (3.1.18)
    bcrypt (3.1.19)
    bech32 (1.4.2)
      thor (>= 1.1.0)
    benchmark (0.2.1)
    bindex (0.8.1)
    bip-schnorr (0.6.0)
      ecdsa_ext (~> 0.5.0)
    brow (0.4.1)
    builder (3.2.4)
    byebug (11.1.3)
-    capybara (3.39.2)
+    capybara (3.38.0)
      addressable
      matrix
      mini_mime (>= 0.1.3)
@@ -130,21 +85,20 @@ GEM
      regexp_parser (>= 1.5, < 3.0)
      xpath (~> 3.2)
    chunky_png (1.4.0)
-    concurrent-ruby (1.2.2)
+    concurrent-ruby (1.1.10)
-    connection_pool (2.4.1)
+    connection_pool (2.3.0)
    crack (0.4.5)
      rexml
    crass (1.0.6)
-    cssbundling-rails (1.3.3)
+    cssbundling-rails (1.1.1)
      railties (>= 6.0.0)
-    database_cleaner (2.0.2)
+    database_cleaner (2.0.1)
-      database_cleaner-active_record (>= 2, < 3)
+      database_cleaner-active_record (~> 2.0.0)
-    database_cleaner-active_record (2.1.0)
+    database_cleaner-active_record (2.0.1)
      activerecord (>= 5.a)
      database_cleaner-core (~> 2.0.0)
    database_cleaner-core (2.0.1)
-    date (3.3.3)
+    devise (4.9.0)
    devise (4.9.3)
      bcrypt (~> 3.0)
      orm_adapter (~> 0.1)
      railties (>= 4.1.0)
@@ -154,7 +108,7 @@ GEM
      devise (>= 3.4.1)
      net-ldap (>= 0.16.0)
    diff-lcs (1.5.0)
-    discourse_api (2.0.1)
+    discourse_api (2.0.0)
      faraday (~> 2.7)
      faraday-follow_redirects
      faraday-multipart
@@ -163,26 +117,18 @@ GEM
    dotenv-rails (2.8.1)
      dotenv (= 2.8.1)
      railties (>= 3.2)
    down (5.4.1)
      addressable (~> 2.8)
    e2mmap (0.1.0)
-    ecdsa (1.2.0)
+    erubi (1.11.0)
    ecdsa_ext (0.5.0)
      ecdsa (~> 1.2.0)
    erubi (1.12.0)
    et-orbi (1.2.7)
      tzinfo
    event_emitter (0.2.6)
    eventmachine (1.2.7)
    factory_bot (6.2.1)
      activesupport (>= 5.0.0)
    factory_bot_rails (6.2.0)
      factory_bot (~> 6.2.0)
      railties (>= 5.0.0)
-    faker (3.2.1)
+    faker (3.0.0)
      i18n (>= 1.8.11, < 2)
-    faraday (2.7.11)
+    faraday (2.7.1)
      base64
      faraday-net_http (>= 2.0, < 3.1)
      ruby2_keywords (>= 0.0.4)
    faraday-follow_redirects (0.3.0)
@@ -190,49 +136,40 @@ GEM
    faraday-multipart (1.0.4)
      multipart-post (~> 2)
    faraday-net_http (3.0.2)
-    faye-websocket (0.11.3)
+    ffi (1.15.5)
-      eventmachine (>= 0.12.0)
+    flipper (0.28.0)
      websocket-driver (>= 0.5.1)
    ffi (1.16.3)
    flipper (1.0.0)
      brow (~> 0.4.1)
      concurrent-ruby (< 2)
-    flipper-active_record (1.0.0)
+    flipper-active_record (0.28.0)
      activerecord (>= 4.2, < 8)
-      flipper (~> 1.0.0)
+      flipper (~> 0.28.0)
-    flipper-ui (1.0.0)
+    flipper-ui (0.28.0)
      erubi (>= 1.0.0, < 2.0.0)
-      flipper (~> 1.0.0)
+      flipper (~> 0.28.0)
-      rack (>= 1.4, < 4)
+      rack (>= 1.4, < 3)
      rack-protection (>= 1.5.3, <= 4.0.0)
      sanitize (< 7)
-    fugit (1.8.1)
+    fugit (1.7.2)
      et-orbi (~> 1, >= 1.2.7)
      raabro (~> 1.4)
-    globalid (1.2.1)
+    globalid (1.0.0)
-      activesupport (>= 6.1)
+      activesupport (>= 5.0)
    hashdiff (1.0.1)
-    i18n (1.14.1)
+    i18n (1.12.0)
      concurrent-ruby (~> 1.0)
-    image_processing (1.12.2)
+    importmap-rails (1.1.5)
      mini_magick (>= 4.9.5, < 5)
      ruby-vips (>= 2.0.17, < 3)
    importmap-rails (1.2.1)
      actionpack (>= 6.0.0)
      railties (>= 6.0.0)
-    jaro_winkler (1.5.6)
+    jaro_winkler (1.5.4)
    jbuilder (2.11.5)
      actionview (>= 5.0.0)
      activesupport (>= 5.0.0)
    jmespath (1.6.2)
    json (2.6.3)
    kramdown (2.4.0)
      rexml
    kramdown-parser-gfm (1.1.0)
      kramdown (~> 2.0)
-    language_server-protocol (3.17.0.3)
+    launchy (2.5.0)
-    launchy (2.5.2)
+      addressable (~> 2.7)
      addressable (~> 2.8)
    letter_opener (1.8.1)
      launchy (>= 2.2, < 3)
    letter_opener_web (2.0.0)
@@ -240,90 +177,78 @@ GEM
      letter_opener (~> 1.7)
      railties (>= 5.2)
      rexml
-    listen (3.8.0)
+    listen (3.7.1)
      rb-fsevent (~> 0.10, >= 0.10.3)
      rb-inotify (~> 0.9, >= 0.9.10)
-    lnurl (1.1.0)
+    lockbox (1.1.0)
-      bech32 (~> 1.1)
+    loofah (2.19.0)
    lockbox (1.3.0)
    loofah (2.21.4)
      crass (~> 1.0.2)
-      nokogiri (>= 1.12.0)
+      nokogiri (>= 1.5.9)
-    mail (2.8.1)
+    mail (2.7.1)
      mini_mime (>= 0.1.1)
      net-imap
      net-pop
      net-smtp
    marcel (1.0.2)
    matrix (0.4.2)
    method_source (1.0.0)
-    mini_magick (4.12.0)
+    mini_mime (1.1.2)
-    mini_mime (1.1.5)
+    mini_portile2 (2.8.0)
-    minitest (5.20.0)
+    minitest (5.16.3)
    multipart-post (2.3.0)
-    net-imap (0.3.7)
+    net-imap (0.3.1)
      date
      net-protocol
-    net-ldap (0.18.0)
+    net-ldap (0.17.1)
    net-pop (0.1.2)
      net-protocol
-    net-protocol (0.2.1)
+    net-protocol (0.1.3)
      timeout
-    net-smtp (0.4.0)
+    net-smtp (0.3.3)
      net-protocol
-    nio4r (2.5.9)
+    nio4r (2.5.8)
-    nokogiri (1.15.4-arm64-darwin)
+    nokogiri (1.13.9)
      mini_portile2 (~> 2.8.0)
      racc (~> 1.4)
-    nokogiri (1.15.4-x86_64-linux)
+    nokogiri (1.13.9-x86_64-linux)
      racc (~> 1.4)
    orm_adapter (0.5.0)
-    pagy (6.1.0)
+    pagy (6.0.2)
-    parallel (1.23.0)
+    parallel (1.22.1)
-    parser (3.2.2.4)
+    parser (3.2.1.1)
      ast (~> 2.4.1)
      racc
    pg (1.2.3)
-    public_suffix (5.0.3)
+    public_suffix (5.0.0)
    puma (4.3.12)
      nio4r (~> 2.0)
    raabro (1.4.0)
-    racc (1.7.1)
+    racc (1.6.0)
-    rack (2.2.8)
+    rack (2.2.4)
-    rack-protection (3.1.0)
+    rack-protection (3.0.6)
-      rack (~> 2.2, >= 2.2.4)
+      rack
-    rack-test (2.1.0)
+    rack-test (2.0.2)
      rack (>= 1.3)
-    rails (7.0.8)
+    rails (7.0.4)
-      actioncable (= 7.0.8)
+      actioncable (= 7.0.4)
-      actionmailbox (= 7.0.8)
+      actionmailbox (= 7.0.4)
-      actionmailer (= 7.0.8)
+      actionmailer (= 7.0.4)
-      actionpack (= 7.0.8)
+      actionpack (= 7.0.4)
-      actiontext (= 7.0.8)
+      actiontext (= 7.0.4)
-      actionview (= 7.0.8)
+      actionview (= 7.0.4)
-      activejob (= 7.0.8)
+      activejob (= 7.0.4)
-      activemodel (= 7.0.8)
+      activemodel (= 7.0.4)
-      activerecord (= 7.0.8)
+      activerecord (= 7.0.4)
-      activestorage (= 7.0.8)
+      activestorage (= 7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
      bundler (>= 1.15.0)
-      railties (= 7.0.8)
+      railties (= 7.0.4)
-    rails-controller-testing (1.0.5)
+    rails-dom-testing (2.0.3)
-      actionpack (>= 5.0.1.rc1)
+      activesupport (>= 4.2.0)
      actionview (>= 5.0.1.rc1)
      activesupport (>= 5.0.1.rc1)
    rails-dom-testing (2.2.0)
      activesupport (>= 5.0.0)
      minitest
      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.6.0)
+    rails-html-sanitizer (1.4.3)
-      loofah (~> 2.21)
+      loofah (~> 2.3)
      nokogiri (~> 1.14)
    rails-settings-cached (2.8.3)
      activerecord (>= 5.0.0)
      railties (>= 5.0.0)
-    railties (7.0.8)
+    railties (7.0.4)
-      actionpack (= 7.0.8)
+      actionpack (= 7.0.4)
-      activesupport (= 7.0.8)
+      activesupport (= 7.0.4)
      method_source
      rake (>= 12.2)
      thor (~> 1.0)
@@ -333,139 +258,138 @@ GEM
    rb-fsevent (0.11.2)
    rb-inotify (0.10.1)
      ffi (~> 1.0)
-    rbs (2.8.4)
+    redis (5.0.5)
-    redis (4.8.1)
+      redis-client (>= 0.9.0)
-    regexp_parser (2.8.2)
+    redis-client (0.11.2)
-    responders (3.1.1)
+      connection_pool
    regexp_parser (2.6.1)
    responders (3.1.0)
      actionpack (>= 5.2)
      railties (>= 5.2)
    reverse_markdown (2.1.1)
      nokogiri
-    rexml (3.2.6)
+    rexml (3.2.5)
-    rqrcode (2.2.0)
+    rqrcode (2.1.2)
      chunky_png (~> 1.0)
      rqrcode_core (~> 1.0)
    rqrcode_core (1.2.0)
-    rspec-core (3.12.2)
+    rspec-core (3.12.0)
      rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.3)
+    rspec-expectations (3.12.0)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.6)
+    rspec-mocks (3.12.0)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.12.0)
-    rspec-rails (6.0.3)
+    rspec-rails (6.0.1)
      actionpack (>= 6.1)
      activesupport (>= 6.1)
      railties (>= 6.1)
-      rspec-core (~> 3.12)
+      rspec-core (~> 3.11)
-      rspec-expectations (~> 3.12)
+      rspec-expectations (~> 3.11)
-      rspec-mocks (~> 3.12)
+      rspec-mocks (~> 3.11)
-      rspec-support (~> 3.12)
+      rspec-support (~> 3.11)
-    rspec-support (3.12.1)
+    rspec-support (3.12.0)
-    rubocop (1.57.1)
+    rubocop (1.48.1)
      base64 (~> 0.1.1)
      json (~> 2.3)
      language_server-protocol (>= 3.17.0)
      parallel (~> 1.10)
-      parser (>= 3.2.2.4)
+      parser (>= 3.2.0.0)
      rainbow (>= 2.2.2, < 4.0)
      regexp_parser (>= 1.8, < 3.0)
      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.28.1, < 2.0)
+      rubocop-ast (>= 1.26.0, < 2.0)
      ruby-progressbar (~> 1.7)
      unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.29.0)
+    rubocop-ast (1.28.0)
      parser (>= 3.2.1.0)
    ruby-progressbar (1.13.0)
    ruby-vips (2.2.0)
      ffi (~> 1.12)
    ruby2_keywords (0.0.5)
-    rufus-scheduler (3.9.1)
+    rufus-scheduler (3.8.2)
      fugit (~> 1.1, >= 1.1.6)
-    sanitize (6.1.0)
+    sanitize (6.0.1)
      crass (~> 1.0.2)
      nokogiri (>= 1.12.0)
-    sentry-rails (5.12.0)
+    sentry-rails (5.8.0)
      railties (>= 5.0)
-      sentry-ruby (~> 5.12.0)
+      sentry-ruby (~> 5.8.0)
-    sentry-ruby (5.12.0)
+    sentry-ruby (5.8.0)
      concurrent-ruby (~> 1.0, >= 1.0.2)
-    sidekiq (6.5.12)
+    sidekiq (6.5.5)
-      connection_pool (>= 2.2.5, < 3)
+      connection_pool (>= 2.2.2)
      rack (~> 2.0)
-      redis (>= 4.5.0, < 5)
+      redis (>= 4.5.0)
-    sidekiq-scheduler (5.0.3)
+    sidekiq-scheduler (4.0.3)
      redis (>= 4.2.0)
      rufus-scheduler (~> 3.2)
-      sidekiq (>= 6, < 8)
+      sidekiq (>= 4, < 7)
      tilt (>= 1.4.0)
-    solargraph (0.49.0)
+    solargraph (0.48.0)
      backport (~> 1.2)
      benchmark
-      bundler (~> 2.0)
+      bundler (>= 1.17.2)
      diff-lcs (~> 1.4)
      e2mmap
      jaro_winkler (~> 1.5)
      kramdown (~> 2.3)
      kramdown-parser-gfm (~> 1.1)
      parser (~> 3.0)
-      rbs (~> 2.0)
+      reverse_markdown (>= 1.0.5, < 3)
-      reverse_markdown (~> 2.0)
+      rubocop (>= 0.52)
      rubocop (~> 1.38)
      thor (~> 1.0)
      tilt (~> 2.0)
      yard (~> 0.9, >= 0.9.24)
-    sprockets (4.2.1)
+    sprockets (4.1.1)
      concurrent-ruby (~> 1.0)
-      rack (>= 2.2.4, < 4)
+      rack (> 1, < 3)
    sprockets-rails (3.4.2)
      actionpack (>= 5.2)
      activesupport (>= 5.2)
      sprockets (>= 3.0.0)
-    sqlite3 (1.6.7-arm64-darwin)
+    sqlite3 (1.5.4)
-    sqlite3 (1.6.7-x86_64-linux)
+      mini_portile2 (~> 2.8.0)
-    stimulus-rails (1.3.0)
+    sqlite3 (1.5.4-x86_64-linux)
    stimulus-rails (1.2.1)
      railties (>= 6.0.0)
-    thor (1.3.0)
+    thor (1.2.1)
-    tilt (2.3.0)
+    tilt (2.0.11)
-    timeout (0.4.0)
+    timeout (0.3.0)
-    turbo-rails (1.5.0)
+    turbo-rails (1.3.2)
      actionpack (>= 6.0.0)
      activejob (>= 6.0.0)
      railties (>= 6.0.0)
-    tzinfo (2.0.6)
+    tzinfo (2.0.5)
      concurrent-ruby (~> 1.0)
-    unicode-display_width (2.5.0)
+    unicode-display_width (2.4.2)
-    view_component (3.6.0)
+    view_component (2.78.0)
-      activesupport (>= 5.2.0, < 8.0)
+      activesupport (>= 5.0.0, < 8.0)
      concurrent-ruby (~> 1.0)
      method_source (~> 1.0)
    warden (1.2.9)
      rack (>= 2.0.9)
-    web-console (4.2.1)
+    web-console (4.2.0)
      actionview (>= 6.0.0)
      activemodel (>= 6.0.0)
      bindex (>= 0.4.0)
      railties (>= 6.0.0)
-    webmock (3.19.1)
+    webmock (3.18.1)
      addressable (>= 2.8.0)
      crack (>= 0.3.2)
      hashdiff (>= 0.4.0, < 2.0.0)
-    websocket-driver (0.7.6)
+    webrick (1.7.0)
    websocket-driver (0.7.5)
      websocket-extensions (>= 0.1.0)
    websocket-extensions (0.1.5)
    xpath (3.2.0)
      nokogiri (~> 1.8)
-    yard (0.9.34)
+    yard (0.9.28)
-    zeitwerk (2.6.12)
+      webrick (~> 1.7.0)
    zeitwerk (2.6.6)
 PLATFORMS
  arm64-darwin-22
  ruby
  x86_64-linux
 DEPENDENCIES
  aws-sdk-s3
  byebug (~> 11.1)
  capybara
  cssbundling-rails
@@ -474,29 +398,23 @@ DEPENDENCIES
  devise_ldap_authenticatable
  discourse_api
  dotenv-rails
  down
  factory_bot_rails
  faker
  faraday
  flipper
  flipper-active_record
  flipper-ui
  image_processing (~> 1.12.2)
  importmap-rails
  jbuilder (~> 2.7)
  letter_opener
  letter_opener_web
  listen (~> 3.2)
  lnurl
  lockbox
  manifique!
  net-ldap
  nostr!
  pagy (~> 6.0, >= 6.0.2)
  pg (~> 1.2.3)
  puma (~> 4.1)
  rails (~> 7.0.2)
  rails-controller-testing
  rails-settings-cached (~> 2.8.3)
  rqrcode (~> 2.0)
  rspec-rails
--- a/README.md
+++ b/README.md
@@ -14,6 +14,7 @@ so:
 1. Make sure [Docker Compose is installed][1] and Docker is running (included in
   Docker Desktop)
 2. Uncomment the `redis`, `web`, and `sidekiq` sections in `docker-compose.yml`
 3. Run `docker compose up` and wait until 389ds announces its successful start
   in the log output
 4. `docker-compose exec ldap dsconf localhost backend create --suffix="dc=kosmos,dc=org" --be-name="dev"`
@@ -52,14 +53,12 @@ Running all specs:
 ### Docker (Compose)
-There is a working Docker Compose config file, which define a number of services including
+There is a working Docker Compose config file, which allows you to spin up both
 an app server for Rails as well as a local 389ds (LDAP) server.
-For Rails developers, you probably just want to start the LDAP server: `docker-compose up ldap`, 
+By default, `docker-compose up` will only start the LDAP server, listening on
-listening on port 389 on your machine. 
+port 389 on your machine. Uncomment other services in `docker-compose.yml` if
-
+you want to use them.
 You can pick and choose your services adding them by name (listed in `docker-compose.yml`) at 
 the end of the docker compose command. eg. `docker compose up ldap redis`
 #### LDAP server
@@ -79,27 +78,6 @@ The setup task will first delete any existing entries in the directory tree
 Note that all 389ds data is stored in `tmp/389ds`. So if you want to start over
 with a fresh installation, delete both that directory as well as the container.
 #### Minio / RS
 If you want to run remoteStorage accounts locally, you will have to create the
 respective bucket first:
 * `docker compose up web redis minio liquor-cabinet`
 * Head to http://localhost:9001 and log in with user `minioadmin`, password
  `minioadmin`
 * Create a new bucket called `remotestorage` (or whatever you
  change the `S3_BUCKET` config to)
 * Create a new key with ID "dev-key" and secret "123456789" (or whatever you
  change `S3_ACCESS_KEY` and `S3_SECRET_KEY` to). Leave the policy field empty,
  as it will automatically allow access to the bucket you created.
 ### Adding npm modules to use with Stimulus controllers
 The following command downloads the specified npm module to `vendor/javascript`
 and adds an entry for it to `config/importmap.rb`.
    bin/importmap pin bech32 --download
 ### Solargraph
 [Solargraph](https://solargraph.org/) is a Ruby language server, which you may
@@ -120,8 +98,6 @@ command:
 * [Tailwind CSS](https://tailwindcss.com/)
 * [Sass](https://sass-lang.com/documentation)
 * [Stimulus](https://stimulus.hotwired.dev/handbook/)
 * [Tailwind Stimulus Components](https://github.com/excid3/tailwindcss-stimulus-components)
 ### Testing
--- a/app/assets/config/manifest.js
+++ b/app/assets/config/manifest.js
@@ -1,4 +1,3 @@
 //= link_tree ../images
 //= link_tree ../../javascript .js
 //= link_tree ../builds
 //= link_tree ../../../vendor/javascript .js
--- a/app/assets/stylesheets/application.tailwind.css
+++ b/app/assets/stylesheets/application.tailwind.css
@@ -2,7 +2,6 @@
@import "tailwindcss/components";
@import "tailwindcss/utilities";
@import "components/animations";
@import "components/base";
@import "components/buttons";
@import "components/dashboard_services";
--- a/app/assets/stylesheets/components/animations.css
+++ b/app/assets/stylesheets/components/animations.css
@@ -1,16 +0,0 @@
@keyframes scaleIn {
  from {
    transform: scale(0.5);
    opacity: 0;
  }
  to {
    transform: scale(1);
    opacity: 1;
  }
 }
 .animate-scale-in {
  animation-name: scaleIn;
  animation-duration: 0.15s;
  animation-timing-function: cubic-bezier(0.2, 0, 0.13, 1);
 }
--- a/app/assets/stylesheets/components/base.css
+++ b/app/assets/stylesheets/components/base.css
@@ -24,10 +24,6 @@
    @apply text-xl mb-6;
  }
  h4 {
    @apply font-bold mb-4 leading-6;
  }
  main section {
    @apply pt-8 sm:pt-12;
  }
--- a/app/assets/stylesheets/components/buttons.css
+++ b/app/assets/stylesheets/components/buttons.css
@@ -15,11 +15,7 @@
  }
  .btn-icon {
-    @apply py-2 px-3;
+    @apply px-3;
  }
  .btn-outline {
    @apply py-2 border-2 border-gray-100 hover:bg-gray-100;
  }
  .btn-gray {
@@ -36,9 +32,4 @@
    @apply bg-red-600 hover:bg-red-700 text-white
           focus:ring-red-500 focus:ring-opacity-75;
  }
  .btn:disabled {
    @apply bg-gray-100 hover:bg-gray-200 text-gray-400
           focus:ring-gray-300 focus:ring-opacity-75;
  }
 }
--- a/app/assets/stylesheets/components/forms.css
+++ b/app/assets/stylesheets/components/forms.css
@@ -15,10 +15,6 @@
    @apply border-b-red-600;
  }
  .field_with_errors {
    @apply inline-block;
  }
  .error-msg {
    @apply text-red-700;
  }
--- a/app/components/app_info_component.html.erb
+++ b/app/components/app_info_component.html.erb
@@ -1,15 +0,0 @@
 <div class="flex">
  <div class="<%= @icon_container_class %>">
    <%= image_tag(@icon_path, class: 'h-full w-full') %>
  </div>
  <div class="flex-1 px-4">
    <h4 class="sm:pt-2 mb-2 text-lg font-bold"><%= @name %></h4>
    <p class="leading-snug"><%= @description %></p>
    <p class="leading-snug flex flex-wrap gap-3">
      <% @links.each do |link| %>
        <a href="<%= link[1] %>" target="_blank"
           class="flex-0 btn-sm btn-gray"><%= link[0] %></a>
      <% end %>
    </p>
  </div>
 </div>
--- a/app/components/app_info_component.rb
+++ b/app/components/app_info_component.rb
@@ -1,19 +0,0 @@
 # frozen_string_literal: true
 class AppInfoComponent < ViewComponent::Base
  def initialize(name:, description:, icon_path: , icon_fill_box: false, links: [])
    @name = name
    @description = description
    @icon_path = icon_path
    @icon_container_class = icon_container_class(icon_fill_box)
    @links = links
  end
  def icon_container_class(icon_fill_box)
    str = "flex-0 h-16 w-16 sm:h-28 sm:w-28 bg-white rounded-3xl overflow-hidden"
    unless icon_fill_box
      str += " p-2 border border-gray-200"
    end
    str
  end
 end
--- a/app/components/dropdown_component.html.erb
+++ b/app/components/dropdown_component.html.erb
@@ -1,26 +0,0 @@
 <div data-controller="dropdown" data-action="click->dropdown#toggle click@window->dropdown#hide">
  <div class="relative inline-block">
    <div role="button" tabindex="0" data-dropdown-target="button"
         class="inline-block select-none">
      <span class="appearance-none flex items-center inline-block">
        <span class="p-2 bg-gray-50 hover:bg-gray-100 rounded-full">
          <%= render partial: "icons/kebab-menu", locals: {
                     custom_class: "inline text-gray-500 h-6 w-6"
          } %>
        </span>
      </span>
    </div>
    <div data-dropdown-target="menu"
         data-transition-enter="transition ease-out duration-200"
         data-transition-enter-from="opacity-0 translate-y-1"
         data-transition-enter-to="opacity-100 translate-y-0"
         data-transition-leave="transition ease-in duration-150"
         data-transition-leave-from="opacity-100 translate-y-0"
         data-transition-leave-to="opacity-0 translate-y-1"
         class="hidden absolute top-4 right-0 z-10 mt-5 flex w-screen max-w-max">
      <div class="bg-white shadow-lg rounded border overflow-hidden w-auto">
        <%= content %>
      </div>
    </div>
  </div>
 </div>
--- a/app/components/dropdown_component.rb
+++ b/app/components/dropdown_component.rb
@@ -1,5 +0,0 @@
 # frozen_string_literal: true
 class DropdownComponent < ViewComponent::Base
 end
--- a/app/components/dropdown_link_component.html.erb
+++ b/app/components/dropdown_link_component.html.erb
@@ -1,6 +0,0 @@
 <%= link_to @href, class: @class, data: {
      'dropdown-target': "menuItem",
      'action': "keydown.up->dropdown#previousItem:prevent keydown.down->dropdown#nextItem:prevent"
    } do %>
  <%= content %>
 <% end %>
--- a/app/components/dropdown_link_component.rb
+++ b/app/components/dropdown_link_component.rb
@@ -1,18 +0,0 @@
 # frozen_string_literal: true
 class DropdownLinkComponent < ViewComponent::Base
  def initialize(href:, separator: false, add_class: nil)
    @href = href
    @class = class_str(separator, add_class)
  end
  private
  def class_str(separator, add_class)
    str = "no-underline block px-5 py-3 text-sm text-gray-900 bg-white
           hover:bg-gray-100 focus:bg-gray-100 whitespace-no-wrap"
    str = "#{str} border-t" if separator
    str = "#{str} #{add_class}" if add_class
    str
  end
 end
--- a/app/components/form_elements/fieldset_component.html.erb
+++ b/app/components/form_elements/fieldset_component.html.erb
@@ -1,6 +1,4 @@
-<%= tag.public_send(@tag, class: "mb-6 last:mb-0", data: {
+<%= tag.public_send(@tag, class: "mb-6 last:mb-0") do %>
      :'field-name' => @field_name
    }) do %>
  <% if @positioning == :vertical %>
  <label class="block">
    <p class="font-bold <%= @descripton.present? ? "mb-1" : "mb-2" %>">
@@ -11,21 +9,7 @@
      <%= @descripton %>
    </p>
    <% end %>
-
+    <%= content %>
    <%= tag.p class: "flex gap-x-1", data: {
                controller: @resettable ? "settings--resettable-field" : nil,
              } do %>
      <%= content %>
      <% if @resettable %>
        <button type="button"
                class="relative grow-0 shrink-0 btn-md btn-outline text-red-700"
                title="Reset to default value"
                data-settings--resettable-field-target="resetButton"
                data-action="settings--resettable-field#resetField">
          Reset
        </button>
      <% end %>
    <% end %>
  </label>
  <% elsif @positioning == :horizontal %>
  <label class="block flex items-center justify-between">
--- a/app/components/form_elements/fieldset_component.rb
+++ b/app/components/form_elements/fieldset_component.rb
@@ -2,15 +2,11 @@
 module FormElements
  class FieldsetComponent < ViewComponent::Base
-    def initialize(tag: "li", positioning: :vertical,
+    def initialize(tag: "li", positioning: :vertical, title:, description: nil)
                   title:, description: nil,
                   field_name: nil, resettable: false)
      @tag         = tag
      @positioning = positioning
      @title       = title
      @descripton  = description
      @field_name  = field_name
      @resettable  = resettable
    end
  end
 end
--- a/app/components/form_elements/fieldset_resettable_setting_component.html.erb
+++ b/app/components/form_elements/fieldset_resettable_setting_component.html.erb
@@ -1,13 +0,0 @@
 <%= render FormElements::FieldsetComponent.new(
      title: @title,
      description: @description,
      field_name: "setting_#{@key.to_s}",
      resettable: @resettable
    ) do %>
  <%= method("#{@type}_field").call :setting, @key,
    value: Setting.public_send(@key),
    data: {
      :'default-value' => Setting.get_field(@key)[:default]
    },
    class: "w-full" %>
 <% end %>
--- a/app/components/form_elements/fieldset_resettable_setting_component.rb
+++ b/app/components/form_elements/fieldset_resettable_setting_component.rb
@@ -1,20 +0,0 @@
 # frozen_string_literal: true
 module FormElements
  class FieldsetResettableSettingComponent < ViewComponent::Base
    def initialize(tag: "li", key:, type: :text, title:, description: nil)
      @tag         = tag
      @positioning = :vertical
      @title       = title
      @description  = description
      @key         = key.to_sym
      @type        = type
      @resettable  = is_resettable?(@key)
    end
    def is_resettable?(key)
      default_value = Setting.get_field(key)[:default]
      default_value.present? && (default_value != Setting.send(key))
    end
  end
 end
--- a/app/components/header_tab_link_component.html.erb
+++ b/app/components/header_tab_link_component.html.erb
@@ -0,0 +1,3 @@
 <%= link_to @path, class: @link_class do %>
  <%= @name %>
 <% end %>
--- a/app/components/header_tab_link_component.rb
+++ b/app/components/header_tab_link_component.rb
@@ -0,0 +1,20 @@
 # frozen_string_literal: true
 class HeaderTabLinkComponent < ViewComponent::Base
  def initialize(name:, path:, active: false, disabled: false)
    @name = name
    @path = path
    @active = active
    @disabled = disabled
    @link_class = class_names_link(path)
  end
  def class_names_link(path)
    common = "block md:inline-block px-5 py-2 rounded-md font-medium text-base md:text-xl"
    if @active
      "#{common} bg-gray-900/50 text-white"
    else
      "#{common} text-gray-300 hover:bg-gray-900/30 hover:text-white active:bg-gray-900/30 active:text-white"
    end
  end
 end
--- a/app/components/header_with_tabs_component.html.erb
+++ b/app/components/header_with_tabs_component.html.erb
@@ -0,0 +1,12 @@
 <header class="py-10">
  <div class="max-w-6xl md:flex md:gap-x-10 mx-auto px-4 sm:px-6 lg:px-8">
    <% if @title.present? %>
    <h1 class="text-3xl font-bold text-white">
      <%= @title %>
    </h1>
    <% end %>
    <nav class="md:grow flex gap-x-4 <%= @title.present? ? "justify-end" : "justify-start" %>" aria-label="Tabs">
      <%= render partial: @tabnav_partial %>
    </nav>
  </div>
 </header>
--- a/app/components/header_with_tabs_component.rb
+++ b/app/components/header_with_tabs_component.rb
@@ -0,0 +1,8 @@
 # frozen_string_literal: true
 class HeaderWithTabsComponent < ViewComponent::Base
  def initialize(title: nil, tabnav_partial:)
    @title = title
    @tabnav_partial = tabnav_partial
  end
 end
--- a/app/components/modal_component.html.erb
+++ b/app/components/modal_component.html.erb
@@ -1,28 +0,0 @@
 <div tabindex="-1" class="relative z-10">
  <!-- Modal Background -->
  <div class="hidden fixed inset-0 bg-black bg-opacity-80 overflow-y-auto flex items-center justify-center"
        data-modal-target="background"
        data-action="click->modal#closeBackground"
        data-transition-enter="transition-all ease-in-out duration-100"
        data-transition-enter-from="bg-opacity-0"
        data-transition-enter-to="bg-opacity-80"
        data-transition-leave="transition-all ease-in-out duration-100"
        data-transition-leave-from="bg-opacity-80"
        data-transition-leave-to="bg-opacity-0">
    <!-- Modal Container -->
    <div data-modal-target="container"
         class="max-h-screen w-auto max-w-lg relative
                hidden animate-scale-in fixed inset-0 overflow-y-auto flex items-center justify-center">
      <!-- Modal Card -->
      <div class="m-1 bg-white rounded shadow">
        <div class="p-8">
          <%= content %>
          <div class="flex justify-end items-center flex-wrap mt-6">
            <button class="btn-md btn-blue" data-action="click->modal#close:prevent">Close</button>
          </div>
        </div>
      </div>
    </div>
  </div>
 </div>
--- a/app/components/modal_component.rb
+++ b/app/components/modal_component.rb
@@ -1,2 +0,0 @@
 class ModalComponent < ViewComponent::Base
 end
--- a/app/components/qr_code_modal_component.html.erb
+++ b/app/components/qr_code_modal_component.html.erb
@@ -1,6 +0,0 @@
 <%= render ModalComponent.new do %>
  <% if @descripton.present? %>
    <p class="mb-6"><%= @description %></p>
  <% end %>
  <p><%= raw @qr_code_svg %></p>
 <% end %>
--- a/app/components/qr_code_modal_component.rb
+++ b/app/components/qr_code_modal_component.rb
@@ -1,24 +0,0 @@
 require "rqrcode"
 class QrCodeModalComponent < ViewComponent::Base
  def initialize(qr_content:, description: nil)
    @description = description
    @qr_code_svg = qr_code_svg(qr_content)
  end
  private
  def qr_code_svg(content)
    qr_code = RQRCode::QRCode.new(content)
    qr_code.as_svg(
      color: "000",
      shape_rendering: "crispEdges",
      module_size: 6,
      standalone: true,
      use_path: true,
      svg_attributes: {
        class: 'inline-block'
      }
    )
  end
 end
--- a/app/components/rs_auth_component.html.erb
+++ b/app/components/rs_auth_component.html.erb
@@ -1,26 +0,0 @@
 <div class="flex items-center gap-4">
  <div class="h-16 w-16 flex-none">
    <%= image_tag s3_image_url(@web_app.icon), class: "h-full w-full" %>
  </div>
  <div class="flex-grow">
    <h4 class="mb-1 text-lg font-bold">
      <%= @web_app.name %>
    </h4>
    <p class="text-sm text-gray-500">
      <%= @auth.client_id %>
    </p>
  </div>
  <%= render DropdownComponent.new do %>
    <%= render DropdownLinkComponent.new(
          href: launch_app_services_storage_rs_auth_url(@auth)
        ) do %>
      Launch app
    <% end %>
    <%= render DropdownLinkComponent.new(
          href: revoke_services_storage_rs_auth_url(@auth),
          separator: true, add_class: "text-red-700"
        ) do %>
      Revoke access
    <% end %>
  <% end %>
 </div>
--- a/app/components/rs_auth_component.rb
+++ b/app/components/rs_auth_component.rb
@@ -1,8 +0,0 @@
 # frozen_string_literal: true
 class RsAuthComponent < ViewComponent::Base
  def initialize(auth:)
    @auth = auth
    @web_app = auth.web_app
  end
 end
--- a/app/components/sidenav_link_component.html.erb
+++ b/app/components/sidenav_link_component.html.erb
@@ -1,8 +1,4 @@
 <%= link_to @path, class: @link_class, title: (@disabled ? "Coming soon" : nil) do %>
  <% if @icon.present? %>
  <%= render partial: "icons/#{@icon}", locals: { custom_class: @icon_class } %>
  <% elsif @text_icon.present? %>
  <span class="mr-3"><%= @text_icon %></span>
  <% end %>
  <span class="truncate"><%= @name %></span>
 <% end %>
--- a/app/components/sidenav_link_component.rb
+++ b/app/components/sidenav_link_component.rb
@@ -1,13 +1,11 @@
 # frozen_string_literal: true
 class SidenavLinkComponent < ViewComponent::Base
-  def initialize(name:, level: 1, path:, icon: nil, text_icon: nil,
+  def initialize(name:, level: 1, path:, icon:, active: false, disabled: false)
                 active: false, disabled: false)
    @name = name
    @level = level
    @path = path
    @icon = icon
    @text_icon = text_icon
    @active = active
    @disabled = disabled
    @link_class = class_names_link(path)
--- a/app/controllers/admin/app_catalog/web_apps_controller.rb
+++ b/app/controllers/admin/app_catalog/web_apps_controller.rb
@@ -1,9 +0,0 @@
 class Admin::AppCatalog::WebAppsController < Admin::AppCatalogController
  def index
    @pagy, @web_apps = pagy(AppCatalog::WebApp.order('created_at desc'))
    @stats = {
      known_apps: AppCatalog::WebApp.count
    }
  end
 end
--- a/app/controllers/admin/app_catalog_controller.rb
+++ b/app/controllers/admin/app_catalog_controller.rb
@@ -1,9 +0,0 @@
 class Admin::AppCatalogController < Admin::BaseController
  before_action :set_current_section
  private
    def set_current_section
      @current_section = :app_catalog
    end
 end
--- a/app/controllers/admin/settings/services_controller.rb
+++ b/app/controllers/admin/settings/services_controller.rb
@@ -3,7 +3,7 @@ class Admin::Settings::ServicesController < Admin::SettingsController
    @service = params[:s]
    if @service.blank?
-      redirect_to admin_settings_services_path(params: { s: "btcpay" })
+      redirect_to admin_settings_services_path(params: { s: "discourse" })
    end
  end
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -4,7 +4,7 @@ class Admin::UsersController < Admin::BaseController
  def index
    ldap   = LdapService.new
-    @ou    = params[:ou] || Setting.primary_domain
+    @ou    = params[:ou] || "kosmos.org"
    @orgs  = ldap.fetch_organizations
    @pagy, @users = pagy(User.where(ou: @ou).order(cn: :asc))
@@ -20,8 +20,6 @@ class Admin::UsersController < Admin::BaseController
    end
    @services_enabled = @user.services_enabled
    @avatar = LdapManager::FetchAvatar.call(cn: @user.cn, ou: @user.ou)
  end
  private
--- a/app/controllers/api/btcpay_controller.rb
+++ b/app/controllers/api/btcpay_controller.rb
@@ -1,29 +0,0 @@
 class Api::BtcpayController < Api::BaseController
  before_action :require_feature_enabled
  def onchain_btc_balance
    balance = BtcpayManager::FetchOnchainWalletBalance.call
    render json: balance
  rescue => error
    Rails.logger.warn "Failed to fetch BTC wallet balance: #{error.message}"
    render json: { error: 'Failed to fetch wallet balance' },
           status: 500
  end
  def lightning_btc_balance
    balance = BtcpayManager::FetchLightningWalletBalance.call
    render json: balance
  rescue => error
    Rails.logger.warn "Failed to fetch BTC lightning balance: #{error.message}"
    render json: { error: 'Failed to fetch wallet balance' },
           status: 500
  end
  private
    def require_feature_enabled
      unless Setting.btcpay_publish_wallet_balances
        http_status :not_found and return
      end
    end
 end
--- a/app/controllers/api/kredits_controller.rb
+++ b/app/controllers/api/kredits_controller.rb
@@ -0,0 +1,13 @@
 class Api::KreditsController < Api::BaseController
  def onchain_btc_balance
    btcpay = BtcPay.new
    balance = btcpay.onchain_wallet_balance
    render json: balance
  rescue => error
    Rails.logger.warn "Failed to fetch kredits BTC wallet balance: #{error.message}"
    render json: { error: 'Failed to fetch wallet balance' },
           status: 500
  end
 end
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -37,8 +37,4 @@ class ApplicationController < ActionController::Base
      format.any  { head status }
    end
  end
  def after_sign_in_path_for(user)
    session[:user_return_to] || root_path
  end
 end
--- a/app/controllers/rs/oauth_controller.rb
+++ b/app/controllers/rs/oauth_controller.rb
@@ -1,131 +0,0 @@
 class Rs::OauthController < ApplicationController
  before_action :require_signed_in_with_username, only: :new
  before_action :authenticate_user!, only: :create
  def new
    @user          = User.where(cn: params[:username].downcase, ou: Setting.primary_domain).first
    @scopes        = parse_scopes params[:scope]
    @redirect_uri  = params[:redirect_uri]
    @client_id     = params[:client_id]
    @state         = params[:state]
    @root_access_requested = (@scopes & [":r",":rw"]).any?
    @denial_url = url_with_state("#{@redirect_uri}#error=access_denied", @state)
    @expire_at_dates = [["Never", nil],
                        ["In 1 month", 1.month.from_now],
                        ["In 1 day", 1.day.from_now]]
    http_status :bad_request and return unless @redirect_uri.present?
    unless current_user == @user
      sign_out :user
      redirect_to new_rs_oauth_url(@user.cn,
                                   scope: params[:scope],
                                   redirect_uri: params[:redirect_uri],
                                   client_id: params[:client_id],
                                   state: params[:state])
      return
    end
    unless @client_id.present?
      redirect_to(url_with_state("#{@redirect_uri}#error=invalid_request", @state),
                  allow_other_host: true) and return
    end
    if @scopes.empty?
      redirect_to(url_with_state("#{@redirect_uri}#error=invalid_scope", @state),
                  allow_other_host: true) and return
    end
    unless hostname_of(@client_id) == hostname_of(@redirect_uri)
      redirect_to(url_with_state("#{@redirect_uri}#error=invalid_client", @state),
                  allow_other_host: true) and return
    end
    @client_id.gsub!(/http(s)?:\/\//, "")
    if auth = current_user.remote_storage_authorizations.valid.where(permissions: @scopes, client_id: @client_id).first
      redirect_to(url_with_state("#{@redirect_uri}#access_token=#{auth.token}", @state),
                  allow_other_host: true) and return
    end
  end
  def create
    unless current_user.id.to_s == params[:user_id]
      Rails.logger.info("NO MATCH: #{params[:user_id]}, #{current_user.id}")
      http_status :forbidden and return
    end
    permissions  = parse_scopes params[:scope]
    redirect_uri = params[:redirect_uri].presence
    client_id    = params[:client_id].presence
    state        = params[:state].presence
    expire_at    = params[:expire_at].presence
    http_status :bad_request and return unless redirect_uri.present?
    if permissions.empty?
      redirect_to(url_with_state("#{redirect_uri}#error=invalid_scope", state),
                  allow_other_host: true) and return
    end
    unless client_id.present?
      redirect_to(url_with_state("#{redirect_uri}#error=invalid_request", state),
                  allow_other_host: true) and return
    end
    unless hostname_of(client_id) == hostname_of(redirect_uri)
      redirect_to(url_with_state("#{redirect_uri}#error=invalid_client", state),
                  allow_other_host: true) and return
    end
    client_id.gsub!(/http(s)?:\/\//, "")
    auth = current_user.remote_storage_authorizations.create!(
      permissions: permissions,
      client_id: client_id,
      redirect_uri: redirect_uri,
      app_name: client_id,
      expire_at: expire_at
    )
    redirect_to url_with_state("#{redirect_uri}#access_token=#{auth.token}", state),
                allow_other_host: true
  end
  private
  def require_signed_in_with_username
    unless user_signed_in?
      session[:user_return_to] = request.url
      redirect_to new_user_session_path(cn: params[:username], ou: Setting.primary_domain)
    end
  end
  def hostname_of(uri)
    uri.gsub(/http(s)?:\/\//, "").split(":")[0].split("/")[0]
  end
  def parse_scopes(scope_string)
    return [] if scope_string.blank?
    scopes = scope_string.
      gsub(/\[|\]/, "").
      gsub(/\,/, " ").
      gsub(/\/:/, ":").
      split(/\s/).map(&:strip).
      reject(&:empty?)
    scopes = [":r"] if scopes.include?("*:r")
    scopes = [":rw"] if scopes.include?("*:rw")
    scopes
  end
  def url_with_state(url, state)
    state ? "#{url}&state=#{CGI.escape(state)}" : url
  end
 end
--- a/app/controllers/services/base_controller.rb
+++ b/app/controllers/services/base_controller.rb
@@ -1,9 +0,0 @@
 class Services::BaseController < ApplicationController
  before_action :set_current_section
  private
    def set_current_section
      @current_section = :services
    end
 end
--- a/app/controllers/services/chat_controller.rb
+++ b/app/controllers/services/chat_controller.rb
@@ -1,14 +0,0 @@
 class Services::ChatController < Services::BaseController
  before_action :authenticate_user!
  before_action :require_service_available
  def show
    @service_enabled = current_user.services_enabled.include?(:xmpp)
  end
  private
    def require_service_available
      http_status :not_found unless Setting.ejabberd_enabled?
    end
 end
--- a/app/controllers/services/lightning_controller.rb
+++ b/app/controllers/services/lightning_controller.rb
@@ -1,5 +1,4 @@
 require "rqrcode"
 require "lnurl"
 class Services::LightningController < ApplicationController
  before_action :authenticate_user!
@@ -8,51 +7,25 @@ class Services::LightningController < ApplicationController
  before_action :fetch_balance
  def index
-    @wallet_setup_url = "lndhub://#{current_user.ln_account}:#{current_user.ln_password}@#{ENV['LNDHUB_PUBLIC_URL']}"
+    @wallet_url = "lndhub://#{current_user.ln_account}:#{current_user.ln_password}@#{ENV['LNDHUB_PUBLIC_URL']}"
    qrcode = RQRCode::QRCode.new(@wallet_url)
    @svg = qrcode.as_svg(
      color: "000",
      shape_rendering: "crispEdges",
      module_size: 6,
      standalone: true,
      use_path: true,
      svg_attributes: {
        class: 'inline-block'
      }
    )
  end
  def transactions
    @transactions = fetch_transactions
  end
  def qr_lnurlp
    lnurlp_url = "https://kosmos.org/.well-known/lnurlp/#{current_user.cn}"
    lnurlp_bech32 = Lnurl.new(lnurlp_url).to_bech32
    qr_code = RQRCode::QRCode.new("lightning:" + lnurlp_bech32)
    respond_to do |format|
      format.svg do
        qr_svg = qr_code.as_svg(
          color: "000",
          shape_rendering: "crispEdges",
          module_size: 6,
          standalone: true,
          use_path: true,
          svg_attributes: {
            class: 'inline-block'
          }
        )
        send_data(
          qr_svg,
          filename: "bitcoin-lightning-#{current_user.address}.svg",
          type: "image/svg+xml"
        )
      end
      format.png do
        qr_png = qr_code.as_png(
          fill: "white",
          color: "black",
          size: 1024,
        )
        send_data(
          qr_png,
          filename: "bitcoin-lightning-#{current_user.address}.png",
          type: "image/png"
        )
      end
    end
  end
  private
  def authenticate_with_lndhub(options={})
--- a/app/controllers/services/mastodon_controller.rb
+++ b/app/controllers/services/mastodon_controller.rb
@@ -1,14 +0,0 @@
 class Services::MastodonController < Services::BaseController
  before_action :authenticate_user!
  before_action :require_service_available
  def show
    @service_enabled = current_user.services_enabled.include?(:mastodon)
  end
  private
    def require_service_available
      http_status :not_found unless Setting.mastodon_enabled?
    end
 end
--- a/app/controllers/services/remotestorage_controller.rb
+++ b/app/controllers/services/remotestorage_controller.rb
@@ -1,15 +1,13 @@
-class Services::RemotestorageController < Services::BaseController
+class Services::RemotestorageController < ApplicationController
-  before_action :authenticate_user!
+  before_action :require_user_signed_in
  before_action :require_service_enabled
  before_action :require_feature_enabled
-  before_action :require_service_available
+  before_action :set_current_section
-  # Dashboard
+  def dashboard
  def show
    # unless current_user.services_enabled.include?(:remotestorage)
    #   redirect_to service_remotestorage_info_path
    # end
    @rs_auths = current_user.remote_storage_authorizations
    # TODO sort by app name
  end
  private
@@ -20,7 +18,13 @@ class Services::RemotestorageController < Services::BaseController
      end
    end
-    def require_service_available
+    def require_service_enabled
-      http_status :not_found unless Setting.remotestorage_enabled?
+      unless Setting.remotestorage_enabled?
        http_status :not_found
      end
    end
    def set_current_section
      @current_section = :services
    end
 end
--- a/app/controllers/services/rs_auths_controller.rb
+++ b/app/controllers/services/rs_auths_controller.rb
@@ -1,42 +0,0 @@
 class Services::RsAuthsController < Services::BaseController
  before_action :authenticate_user!
  before_action :require_feature_enabled
  before_action :require_service_available
  # before_action :require_service_enabled
  before_action :find_rs_auth
  def destroy
    @auth.destroy!
    respond_to do |format|
      format.html do redirect_to services_storage_url, flash: {
        success: 'App authorization revoked'
      }
      end
      format.json { head :no_content }
    end
  end
  def launch_app
    launch_url = "#{@auth.launch_url}#remotestorage=#{current_user.address}&access_token=#{@auth.token}"
    redirect_to launch_url, allow_other_host: true
  end
  private
    def require_feature_enabled
      unless Flipper.enabled?(:remotestorage, current_user)
        http_status :forbidden
      end
    end
    def require_service_available
      http_status :not_found unless Setting.remotestorage_enabled?
    end
    def find_rs_auth
      @auth = current_user.remote_storage_authorizations.find(params[:id])
      http_status :not_found unless @auth.present?
    end
 end
--- a/app/controllers/settings_controller.rb
+++ b/app/controllers/settings_controller.rb
@@ -1,5 +1,3 @@
 require 'securerandom'
 class SettingsController < ApplicationController
  before_action :authenticate_user!
  before_action :set_main_nav_section
@@ -11,23 +9,15 @@ class SettingsController < ApplicationController
  end
  def show
    if @settings_section == "experiments"
      session[:shared_secret] ||= SecureRandom.base64(12)
    end
  end
  def update
    @user.preferences.merge!(user_params[:preferences] || {})
    @user.display_name = user_params[:display_name]
    @user.avatar_new = user_params[:avatar]
    if @user.save
      if @user.display_name && (@user.display_name != @user.ldap_entry[:display_name])
-        LdapManager::UpdateDisplayName.call(@user.dn, @user.display_name)
+        LdapManager::UpdateDisplayName.call(@user.dn, user_params[:display_name])
      end
      if @user.avatar_new.present?
        LdapManager::UpdateAvatar.call(@user.dn, @user.avatar_new)
      end
      redirect_to setting_path(@settings_section), flash: {
@@ -63,45 +53,6 @@ class SettingsController < ApplicationController
    redirect_to check_your_email_path, notice: msg
  end
  def set_nostr_pubkey
    signed_event = nostr_event_params[:signed_event].to_h.symbolize_keys
    is_valid_id  = NostrManager::ValidateId.call(signed_event)
    is_valid_sig = NostrManager::VerifySignature.call(signed_event)
    is_correct_content = signed_event[:content] == "Connect my public key to #{current_user.address} (confirmation #{session[:shared_secret]})"
    unless is_valid_id && is_valid_sig && is_correct_content
      flash[:alert] = "Public key could not be verified"
      http_status :unprocessable_entity and return
    end
    pubkey_taken = User.all_except(current_user).where(
      ou: current_user.ou, nostr_pubkey: signed_event[:pubkey]
    ).any?
    if pubkey_taken
      flash[:alert] = "Public key already in use for a different account"
      http_status :unprocessable_entity and return
    end
    current_user.update! nostr_pubkey: signed_event[:pubkey]
    session[:shared_secret] = nil
    flash[:success] = "Public key verification successful"
    http_status :ok
  rescue
    flash[:alert] = "Public key could not be verified"
    http_status :unprocessable_entity and return
  end
  # DELETE /settings/nostr_pubkey
  def remove_nostr_pubkey
    current_user.update! nostr_pubkey: nil
    redirect_to setting_path(:experiments), flash: {
      success: 'Public key removed from account'
    }
  end
  private
    def set_main_nav_section
@@ -110,7 +61,7 @@ class SettingsController < ApplicationController
    def set_settings_section
      @settings_section = params[:section]
-      allowed_sections = [:profile, :account, :lightning, :xmpp, :experiments]
+      allowed_sections = [:profile, :account, :lightning, :xmpp]
      unless allowed_sections.include?(@settings_section.to_sym)
        redirect_to setting_path(:profile)
@@ -122,7 +73,7 @@ class SettingsController < ApplicationController
    end
    def user_params
-      params.require(:user).permit(:display_name, :avatar, preferences: [
+      params.require(:user).permit(:display_name, preferences: [
        :lightning_notify_sats_received,
        :xmpp_exchange_contacts_with_invitees
      ])
@@ -131,10 +82,4 @@ class SettingsController < ApplicationController
    def email_params
      params.require(:user).permit(:email, :current_password)
    end
    def nostr_event_params
      params.permit(signed_event: [
        :id, :pubkey, :created_at, :kind, :tags, :content, :sig
      ])
    end
 end
--- a/app/controllers/signup_controller.rb
+++ b/app/controllers/signup_controller.rb
@@ -88,7 +88,7 @@ class SignupController < ApplicationController
    if session[:new_user].present?
      @user = User.new(session[:new_user])
    else
-      @user = User.new(ou: Setting.primary_domain)
+      @user = User.new(ou: "kosmos.org")
    end
  end
@@ -98,7 +98,7 @@ class SignupController < ApplicationController
    CreateAccount.call(
      username: @user.cn,
-      domain: Setting.primary_domain,
+      domain: "kosmos.org",
      email: @user.email,
      password: @user.password,
      invitation: @invitation
--- a/app/controllers/webfinger_controller.rb
+++ b/app/controllers/webfinger_controller.rb
@@ -6,19 +6,15 @@ class WebfingerController < ApplicationController
  def show
    resource = params[:resource]
-    if resource && @useraddress = resource.match(/acct:(.+)/)&.[](1)
+    if resource && resource.match(/acct:\w+/)
-      @username, @org = @useraddress.split("@")
+      useraddress = resource.split(":").last
-
+      username, org = useraddress.split("@")
-      unless Rails.env.development?
+      username.downcase!
-        # Allow different domains (e.g. localhost:3000) in development only
+      unless User.where(cn: username, ou: org).any?
        head 404 and return unless @org == Setting.primary_domain
      end
      unless User.where(cn: @username.downcase, ou: Setting.primary_domain).any?
        head 404 and return
      end
-      render json: webfinger.to_json,
+      render json: webfinger(useraddress).to_json,
             content_type: "application/jrd+json"
    else
      head 422 and return
@@ -27,18 +23,19 @@ class WebfingerController < ApplicationController
  private
-  def webfinger
+  def webfinger(useraddress)
    links = [];
-    # TODO check if storage service is enabled for user, not just globally
+    links << remotestorage_link(useraddress) if Setting.remotestorage_enabled
    links << remotestorage_link if Setting.remotestorage_enabled
    { "links" => links }
  end
-  def remotestorage_link
+  def remotestorage_link(useraddress)
-    auth_url = new_rs_oauth_url(@username)
+    # TODO use when OAuth routes are available
-    storage_url = "#{Setting.rs_storage_url}/#{@username}"
+    # auth_url = new_rs_oauth_url(useraddress)
    auth_url = "https://example.com/rs/oauth"
    storage_url = "#{Setting.rs_storage_url}/#{useraddress}"
    {
      "rel" => "http://tools.ietf.org/id/draft-dejong-remotestorage",
--- a/app/controllers/webhooks_controller.rb
+++ b/app/controllers/webhooks_controller.rb
@@ -30,7 +30,7 @@ class WebhooksController < ApplicationController
  def notify_xmpp(address, amt_sats, memo)
    payload = {
      type: "normal",
-      from: Setting.xmpp_notifications_from_address,
+      from: "kosmos.org", # TODO domain config
      to: address,
      subject: "Sats received!",
      body: "#{helpers.number_with_delimiter amt_sats} sats received in your Lightning wallet:\n> #{memo}"
--- a/app/controllers/well_known_controller.rb
+++ b/app/controllers/well_known_controller.rb
@@ -1,16 +0,0 @@
 class WellKnownController < ApplicationController
  def nostr
    http_status :unprocessable_entity and return if params[:name].blank?
    domain = request.headers["X-Forwarded-Host"].presence || Setting.primary_domain
    @user = User.where(cn: params[:name], ou: domain).first
    http_status :not_found and return if @user.nil? || @user.nostr_pubkey.blank?
    respond_to do |format|
      format.json do
        render json: {
          names: { "#{@user.cn}": @user.nostr_pubkey }
        }.to_json
      end
    end
  end
 end
--- a/app/helpers/oauth_helper.rb
+++ b/app/helpers/oauth_helper.rb
@@ -1,11 +0,0 @@
 module OauthHelper
  def scope_name(scope)
    scope.gsub(/(\:.+)/, '')
  end
  def scope_permissions(scope)
    scope.match(/\:r$/) ? "r" : "rw"
  end
 end
--- a/app/javascript/controllers/application.js
+++ b/app/javascript/controllers/application.js
@@ -1,12 +1,7 @@
 import { Application } from "@hotwired/stimulus"
 import { Dropdown, Modal, Tabs } from "tailwindcss-stimulus-components"
 const application = Application.start()
 application.register('dropdown', Dropdown)
 application.register('modal', Modal)
 application.register('tabs', Tabs)
 // Configure Stimulus development experience
 application.debug = false
 window.Stimulus   = application
--- a/app/javascript/controllers/settings/nostr_pubkey_controller.js
+++ b/app/javascript/controllers/settings/nostr_pubkey_controller.js
@@ -1,65 +0,0 @@
 import { Controller } from "@hotwired/stimulus"
 import { bech32 } from "bech32"
 function hexToBytes (hex) {
  let bytes = []
  for (let c = 0; c < hex.length; c += 2) {
    bytes.push(parseInt(hex.substr(c, 2), 16))
  }
  return bytes
 }
 // Connects to data-controller="settings--nostr-pubkey"
 export default class extends Controller {
  static targets = [ "noExtension", "setPubkey", "pubkeyBech32Input" ]
  static values  = { userAddress: String, pubkeyHex: String, sharedSecret: String }
  connect () {
    if (this.hasPubkeyHexValue && this.pubkeyHexValue.length > 0) {
      this.pubkeyBech32InputTarget.value = this.pubkeyBech32
    }
    if (window.nostr) {
      if (this.hasSetPubkeyTarget) {
        this.setPubkeyTarget.disabled = false
      }
    } else {
      this.noExtensionTarget.classList.remove("hidden")
    }
  }
  async setPubkey () {
    this.setPubkeyTarget.disabled = true
    try {
      const signedEvent = await window.nostr.signEvent({
        created_at: Math.floor(Date.now() / 1000),
        kind: 1,
        tags: [],
        content: `Connect my public key to ${this.userAddressValue} (confirmation ${this.sharedSecretValue})`
      })
      const res = await fetch("/settings/set_nostr_pubkey", {
        method: "POST", credentials: "include", headers: {
          "Accept": "application/json", 'Content-Type': 'application/json',
          "X-CSRF-Token": this.csrfToken
        }, body: JSON.stringify({ signed_event: signedEvent })
      });
      window.location.reload()
    } catch (error) {
      console.warn('Unable to verify pubkey:', error.message)
      this.setPubkeyTarget.disabled = false
    }
  }
  get pubkeyBech32 () {
    const words = bech32.toWords(hexToBytes(this.pubkeyHexValue))
    return bech32.encode('npub', words)
  }
  get csrfToken () {
    const element = document.head.querySelector('meta[name="csrf-token"]')
    return element.getAttribute("content")
  }
 }
--- a/app/javascript/controllers/settings/resettable_field_controller.js
+++ b/app/javascript/controllers/settings/resettable_field_controller.js
@@ -1,10 +0,0 @@
 import { Controller } from "@hotwired/stimulus"
 export default class extends Controller {
  static targets = [ "resetButton" ]
  resetField () {
    const inputEl = this.element.querySelector('input')
    inputEl.value = inputEl.dataset.defaultValue
  }
 }
--- a/app/jobs/remote_storage_expire_authorization_job.rb
+++ b/app/jobs/remote_storage_expire_authorization_job.rb
@@ -1,10 +0,0 @@
 class RemoteStorageExpireAuthorizationJob < ApplicationJob
  queue_as :remotestorage
  def perform(rs_auth_id)
    rs_auth = RemoteStorageAuthorization.find rs_auth_id
    return unless rs_auth.expire_at.nil? || rs_auth.expire_at <= DateTime.now
    rs_auth.destroy!
  end
 end
--- a/app/models/app_catalog.rb
+++ b/app/models/app_catalog.rb
@@ -1,5 +0,0 @@
 module AppCatalog
  def self.table_name_prefix
    "app_catalog_"
  end
 end
--- a/app/models/app_catalog/web_app.rb
+++ b/app/models/app_catalog/web_app.rb
@@ -1,16 +0,0 @@
 class AppCatalog::WebApp < ApplicationRecord
  store :metadata, coder: JSON
  has_many :remote_storage_authorizations
  has_one_attached :icon
  has_one_attached :apple_touch_icon
  validates :url, presence: true, uniqueness: true
  validates :url, format: { with: URI.regexp },
                  if: Proc.new { |a| a.url.present? }
  def update_metadata
    AppCatalogManager::UpdateMetadata.call(self)
  end
 end
--- a/app/models/remote_storage_authorization.rb
+++ b/app/models/remote_storage_authorization.rb
@@ -1,96 +0,0 @@
 class RemoteStorageAuthorization < ApplicationRecord
  belongs_to :user
  belongs_to :web_app, class_name: "AppCatalog::WebApp", optional: true
  serialize :permissions
  validates_presence_of :permissions
  validates_presence_of :client_id
  scope :valid, -> { where(expire_at: nil).or(where(expire_at: (DateTime.now)..)) }
  scope :expired, -> { where(expire_at: ..(DateTime.now)) }
  after_initialize do |a|
    a.permissions = [] if a.permissions == nil
  end
  before_create  :generate_token
  before_create  :store_token_in_redis
  before_create  :find_or_create_web_app
  after_create   :schedule_token_expiry
  # after_create   :notify_user
  before_destroy :delete_token_from_redis
  after_destroy  :remove_token_expiry_job
  def url
    uri = URI.parse self.redirect_uri
    "#{uri.scheme}://#{client_id}"
  end
  def launch_url
    return url unless web_app && web_app.metadata[:start_url].present?
    start_url = web_app.metadata[:start_url]
    if start_url.match("^https?:\/\/")
      return start_url.start_with?(url) ? start_url : url
    else
      path = start_url.gsub(/^\.\.\//, "").gsub(/^\.\//, "").gsub(/^\//, "")
      "#{url}/#{path}"
    end
  end
  def delete_token_from_redis
    key = "authorizations:#{user.cn}:#{token}"
    redis.srem? key, redis.smembers(key)
  rescue => e
    Rails.logger.error e
    Sentry.capture_exception(e) if Setting.sentry_enabled?
  end
  private
    def redis
      @redis ||= Redis.new(url: Setting.rs_redis_url)
    end
    def generate_token(length=16)
      self.token = SecureRandom.hex(length) if self.token.blank?
    end
    def store_token_in_redis
      redis.sadd "authorizations:#{user.cn}:#{token}", permissions
    end
    def schedule_token_expiry
      return unless expire_at.present?
      RemoteStorageExpireAuthorizationJob.set(wait_until: expire_at)
                                         .perform_later(id)
    end
    def remove_token_expiry_job
      queue = Sidekiq::Queue.new(RemoteStorageExpireAuthorizationJob.queue_name)
      queue.each do |job|
        next unless job.display_class == "RemoteStorageExpireAuthorizationJob"
        job.delete if job.display_args == [id]
      end
    end
    def find_or_create_web_app
      if looks_like_hosted_origin?
        web_app = AppCatalog::WebApp.find_or_create_by!(url: self.url)
        web_app.update_metadata unless web_app.name.present?
        self.web_app = web_app
        self.app_name = web_app.name.presence || client_id
      else
        self.app_name = client_id
      end
    end
    def looks_like_hosted_origin?
      uri = URI.parse self.redirect_uri
      !!(uri.host =~ /(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{0,62}[a-zA-Z0-9]\.)+[a-zA-Z]{2,63}$)/)
    rescue URI::InvalidURIError
      false
    end
 end
--- a/app/models/setting.rb
+++ b/app/models/setting.rb
@@ -2,9 +2,6 @@
 class Setting < RailsSettings::Base
  cache_prefix { "v1" }
  field :primary_domain, type: :string,
    default: ENV["PRIMARY_DOMAIN"].presence
  field :accounts_domain, type: :string,
    default: ENV["AKKOUNTS_DOMAIN"].presence
@@ -12,7 +9,7 @@ class Setting < RailsSettings::Base
  # Internal services
  #
-  field :redis_url, type: :string,
+  field :redis_url, type: :string, readonly: true,
    default: ENV["REDIS_URL"] || "redis://localhost:6379/0"
  #
@@ -29,67 +26,38 @@ class Setting < RailsSettings::Base
  field :xmpp_default_rooms, type: :array, default: []
  field :xmpp_autojoin_default_rooms, type: :boolean, default: false
  field :xmpp_notifications_from_address, type: :string, default: primary_domain
  #
  # Sentry
  #
  field :sentry_enabled, type: :boolean, readonly: true,
-    default: ENV["SENTRY_DSN"].present?
+    default: (ENV["SENTRY_DSN"].present?.to_s || false)
  #
  # BTCPay Server
  #
  field :btcpay_api_url, type: :string,
    default: ENV["BTCPAY_API_URL"].presence
  field :btcpay_enabled, type: :boolean,
    default: ENV["BTCPAY_API_URL"].present?
  field :btcpay_store_id, type: :string,
    default: ENV["BTCPAY_STORE_ID"].presence
  field :btcpay_auth_token, type: :string,
    default: ENV["BTCPAY_AUTH_TOKEN"].presence
  field :btcpay_publish_wallet_balances, type: :boolean, default: true
  #
  # Discourse
  #
-  field :discourse_public_url, type: :string,
+  field :discourse_public_url, type: :string, readonly: true,
    default: ENV["DISCOURSE_PUBLIC_URL"].presence
  field :discourse_enabled, type: :boolean,
-    default: ENV["DISCOURSE_PUBLIC_URL"].present?
+    default: (ENV["DISCOURSE_PUBLIC_URL"].present?.to_s || false)
-  field :discourse_connect_secret, type: :string,
+  field :discourse_connect_secret, type: :string, readonly: true,
    default: ENV["DISCOURSE_CONNECT_SECRET"].presence
  #
  # Drone CI
  #
  field :droneci_public_url, type: :string,
    default: ENV["DRONECI_PUBLIC_URL"].presence
  field :droneci_enabled, type: :boolean,
    default: ENV["DRONECI_PUBLIC_URL"].present?
  #
  # ejabberd
  #
  field :ejabberd_enabled, type: :boolean,
-    default: ENV["EJABBERD_API_URL"].present?
+    default: (ENV["EJABBERD_API_URL"].present?.to_s || false)
-  field :ejabberd_api_url, type: :string,
+  field :ejabberd_api_url, type: :string, readonly: true,
    default: ENV["EJABBERD_API_URL"].presence
-  field :ejabberd_admin_url, type: :string,
+  field :ejabberd_admin_url, type: :string, readonly: true,
    default: ENV["EJABBERD_ADMIN_URL"].presence
  field :ejabberd_buddy_roster, type: :string,
@@ -99,56 +67,50 @@ class Setting < RailsSettings::Base
  # Gitea
  #
-  field :gitea_public_url, type: :string,
+  field :gitea_public_url, type: :string, readonly: true,
    default: ENV["GITEA_PUBLIC_URL"].presence
  field :gitea_enabled, type: :boolean,
-    default: ENV["GITEA_PUBLIC_URL"].present?
+    default: (ENV["GITEA_PUBLIC_URL"].present?.to_s || false)
  #
  # Lightning Network
  #
-  field :lndhub_api_url, type: :string,
+  field :lndhub_api_url, type: :string, readonly: true,
    default: ENV["LNDHUB_API_URL"].presence
  field :lndhub_enabled, type: :boolean,
-    default: ENV["LNDHUB_API_URL"].present?
+    default: (ENV["LNDHUB_API_URL"].present?.to_s || false)
  field :lndhub_admin_token, type: :string,
    default: ENV["LNDHUB_ADMIN_TOKEN"].presence
  field :lndhub_admin_enabled, type: :boolean,
-    default: ENV["LNDHUB_ADMIN_UI"] || false
+    default: (ENV["LNDHUB_ADMIN_UI"] || false)
-  field :lndhub_public_key, type: :string,
+  field :lndhub_public_key, type: :string, readonly: true,
    default: (ENV["LNDHUB_PUBLIC_KEY"] || "")
  field :lndhub_keysend_enabled, type: :boolean,
-    default: -> { self.lndhub_public_key.present? }
+    default: -> { self.lndhub_public_key.present?.to_s || false }
  #
  # Mastodon
  #
-  field :mastodon_public_url, type: :string,
+  field :mastodon_public_url, type: :string, readonly: true,
    default: ENV["MASTODON_PUBLIC_URL"].presence
  field :mastodon_enabled, type: :boolean,
-    default: ENV["MASTODON_PUBLIC_URL"].present?
+    default: (ENV["MASTODON_PUBLIC_URL"].present?.to_s || false)
  field :mastodon_address_domain, type: :string,
    default: ENV["MASTODON_ADDRESS_DOMAIN"].presence || self.primary_domain
  #
  # MediaWiki
  #
-  field :mediawiki_public_url, type: :string,
+  field :mediawiki_public_url, type: :string, readonly: true,
    default: ENV["MEDIAWIKI_PUBLIC_URL"].presence
  field :mediawiki_enabled, type: :boolean,
-    default: ENV["MEDIAWIKI_PUBLIC_URL"].present?
+    default: (ENV["MEDIAWIKI_PUBLIC_URL"].present?.to_s || false)
  #
  # Nostr
@@ -161,11 +123,8 @@ class Setting < RailsSettings::Base
  #
  field :remotestorage_enabled, type: :boolean,
-    default: ENV["RS_STORAGE_URL"].present?
+    default: (ENV["RS_STORAGE_URL"].present?.to_s || false)
  field :rs_storage_url, type: :string,
    default: ENV["RS_STORAGE_URL"].presence
  field :rs_redis_url, type: :string,
    default: ENV["RS_REDIS_URL"] || "redis://localhost:6379/1"
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -2,14 +2,10 @@ class User < ApplicationRecord
  include EmailValidatable
  attr_accessor :display_name
  attr_accessor :avatar_new
  serialize :preferences, UserPreferences
  #
  # Relations
  #
  has_many :invitations, dependent: :destroy
  has_one  :invitation, inverse_of: :invitee, foreign_key: 'invited_user_id'
  has_one  :inviter, through: :invitation, source: :user
@@ -22,13 +18,7 @@ class User < ApplicationRecord
  has_many :accounts, through: :lndhub_user
-  has_many :remote_storage_authorizations
+  validates_uniqueness_of :cn
  #
  # Validations
  #
  validates_uniqueness_of :cn, scope: :ou
  validates_length_of :cn, minimum: 3
  validates_format_of :cn, with: /\A([a-z0-9\-])*\z/,
                           if: Proc.new{ |u| u.cn.present? },
@@ -46,21 +36,8 @@ class User < ApplicationRecord
  validates_length_of :display_name, minimum: 3, maximum: 35, allow_blank: true,
                                     if: -> { defined?(@display_name) }
-  validates_uniqueness_of :nostr_pubkey, allow_blank: true
+  scope :confirmed, -> { where.not(confirmed_at: nil) }
-
+  scope :pending,   -> { where(confirmed_at: nil) }
  validate :acceptable_avatar
  #
  # Scopes
  #
  scope :confirmed,  -> { where.not(confirmed_at: nil) }
  scope :pending,    -> { where(confirmed_at: nil) }
  scope :all_except, -> (user) { where.not(id: user) }
  #
  # Encrypted database columns
  #
  has_encrypted :ln_login, :ln_password
@@ -90,7 +67,6 @@ class User < ApplicationRecord
      # E-Mail update confirmed
      LdapManager::UpdateEmail.call(self.dn, self.email)
    else
      # TODO Make configurable
      # E-Mail from signup confirmed (i.e. account activation)
      enable_service %w[ discourse gitea mediawiki xmpp ]
@@ -128,11 +104,6 @@ class User < ApplicationRecord
    "#{self.cn}@#{self.ou}"
  end
  def mastodon_address
    return nil unless Setting.mastodon_enabled?
    "#{self.cn}@#{Setting.mastodon_address_domain}"
  end
  def valid_attribute?(attribute_name)
    self.valid?
    self.errors[attribute_name].blank?
@@ -158,10 +129,6 @@ class User < ApplicationRecord
    @display_name ||= ldap_entry[:display_name]
  end
  def avatar
    @avatar_base64 ||= LdapManager::FetchAvatar.call(cn: cn, ou: ou)
  end
  def services_enabled
    ldap_entry[:service] || []
  end
@@ -190,17 +157,4 @@ class User < ApplicationRecord
      return @ldap_service if defined?(@ldap_service)
      @ldap_service = LdapService.new
    end
    def acceptable_avatar
      return unless avatar_new.present?
      if avatar_new.size > 1.megabyte
        errors.add(:avatar, "file size is too large")
      end
      acceptable_types = ["image/jpeg", "image/png"]
      unless acceptable_types.include?(avatar_new.content_type)
        errors.add(:avatar, "must be a JPEG or PNG file")
      end
    end
 end
--- a/app/services/app_catalog_manager/update_metadata.rb
+++ b/app/services/app_catalog_manager/update_metadata.rb
@@ -1,52 +0,0 @@
 require "manifique"
 require "down"
 module AppCatalogManager
  class UpdateMetadata < AppCatalogManagerService
    def initialize(app)
      @app = app
    end
    def call
      agent = Manifique::Agent.new(url: @app.url)
      metadata = agent.fetch_metadata
      @app.name = metadata.name
      [:name, :short_name, :description, :theme_color, :background_color,
       :display, :start_url, :scope, :share_target, :icons].each do |prop|
        @app.metadata[prop] = metadata.send(prop) if prop
      end
      if icon = metadata.select_icon(sizes: "256x256") ||
         icon = metadata.select_icon(sizes: "192x192")
        attach_remote_image(:icon, icon)
        # TODO elsif get whatever is available
      end
      if apple_touch_icon = metadata.select_icon(purpose: "apple-touch-icon")
        attach_remote_image(:apple_touch_icon, apple_touch_icon)
      end
      @app.save!
    rescue Manifique::Error => e
      msg = "Fetching web app manifest failed for #{e.url}: #{e.type}"
      Rails.logger.warn(msg)
      Sentry.capture_message(msg) if Setting.sentry_enabled?
      false
    end
    def attach_remote_image(attachment_name, icon)
      if icon['src'].start_with?("http")
        download_url = icon['src']
      else
        download_url = "#{@app.url}/#{icon["src"].gsub(/^\//,'')}"
      end
      filename = "#{attachment_name}.png"
      key = "web_apps/#{@app.id}/icons/#{attachment_name}.png"
      tempfile = Down.download(download_url)
      @app.send(attachment_name).attach(key: key, io: tempfile, filename: filename)
    end
  end
 end
--- a/app/services/app_catalog_manager_service.rb
+++ b/app/services/app_catalog_manager_service.rb
@@ -1,2 +0,0 @@
 class AppCatalogManagerService < ApplicationService
 end
--- a/app/services/btc_pay.rb
+++ b/app/services/btc_pay.rb
@@ -0,0 +1,32 @@
 #
 # API Docs: https://docs.btcpayserver.org/API/Greenfield/v1/
 #
 class BtcPay
  def initialize
    @base_url = ENV["BTCPAY_API_URL"]
    @store_id = Rails.application.credentials.btcpay[:store_id]
    @auth_token = Rails.application.credentials.btcpay[:auth_token]
  end
  def onchain_wallet_balance
    res = get "stores/#{@store_id}/payment-methods/onchain/BTC/wallet"
    {
      balance: res["balance"].to_f,
      unconfirmed_balance: res["unconfirmedBalance"].to_f,
      confirmed_balance: res["confirmedBalance"].to_f
    }
  end
  private
  def get(endpoint)
    res = Faraday.get("#{@base_url}/#{endpoint}", {}, {
      "Content-Type" => "application/json",
      "Accept" => "application/json",
      "Authorization" => "token #{@auth_token}"
    })
    JSON.parse(res.body)
  end
 end
--- a/app/services/btcpay_manager/fetch_lightning_wallet_balance.rb
+++ b/app/services/btcpay_manager/fetch_lightning_wallet_balance.rb
@@ -1,11 +0,0 @@
 module BtcpayManager
  class FetchLightningWalletBalance < BtcpayManagerService
    def call
      res = get "stores/#{store_id}/lightning/BTC/balance"
      {
        balance: res["offchain"]["local"].to_i / 1000 # msats to sats
      }
    end
  end
 end
--- a/app/services/btcpay_manager/fetch_onchain_wallet_balance.rb
+++ b/app/services/btcpay_manager/fetch_onchain_wallet_balance.rb
@@ -1,13 +0,0 @@
 module BtcpayManager
  class FetchOnchainWalletBalance < BtcpayManagerService
    def call
      res = get "stores/#{store_id}/payment-methods/onchain/BTC/wallet"
      {
        balance: (res["balance"].to_f * 100000000).to_i, # BTC to sats
        unconfirmed_balance: (res["unconfirmedBalance"].to_f * 100000000).to_i,
        confirmed_balance: (res["confirmedBalance"].to_f * 100000000).to_i
      }
    end
  end
 end
--- a/app/services/btcpay_manager_service.rb
+++ b/app/services/btcpay_manager_service.rb
@@ -1,24 +0,0 @@
 #
 # API Docs: https://docs.btcpayserver.org/API/Greenfield/v1/
 #
 class BtcpayManagerService < ApplicationService
  attr_reader :base_url, :store_id, :auth_token
  def initialize
    @base_url   = Setting.btcpay_api_url
    @store_id   = Setting.btcpay_store_id
    @auth_token = Setting.btcpay_auth_token
  end
  private
    def get(endpoint)
      res = Faraday.get("#{base_url}/#{endpoint}", {}, {
        "Content-Type" => "application/json",
        "Accept" => "application/json",
        "Authorization" => "token #{auth_token}"
      })
      JSON.parse(res.body)
    end
 end
--- a/app/services/create_account.rb
+++ b/app/services/create_account.rb
@@ -1,7 +1,7 @@
 class CreateAccount < ApplicationService
  def initialize(args)
    @username   = args[:username]
-    @domain     = args[:ou] || Setting.primary_domain
+    @domain     = args[:ou] || "kosmos.org"
    @email      = args[:email]
    @password   = args[:password]
    @invitation = args[:invitation]
--- a/app/services/ldap_manager/fetch_avatar.rb
+++ b/app/services/ldap_manager/fetch_avatar.rb
@@ -1,17 +0,0 @@
 module LdapManager
  class FetchAvatar < LdapManagerService
    def initialize(cn:, ou: nil)
      @cn = cn
      @ou = ou
    end
    def call
      treebase   = @ou ? "ou=#{@ou},cn=users,#{suffix}" : ldap_config["base"]
      attributes = %w{ jpegPhoto }
      filter     = Net::LDAP::Filter.eq("cn", @cn)
      entry = ldap_client.search(base: treebase, filter: filter, attributes: attributes).first
      entry.try(:jpegPhoto) ? entry.jpegPhoto.first : nil
    end
  end
 end
--- a/app/services/ldap_manager/update_avatar.rb
+++ b/app/services/ldap_manager/update_avatar.rb
@@ -1,27 +0,0 @@
 require "image_processing/vips"
 module LdapManager
  class UpdateAvatar < LdapManagerService
    def initialize(dn, file)
      @dn = dn
      @img_data = process(file)
    end
    def call
      replace_attribute @dn, :jpegPhoto, @img_data
    end
    private
    def process(file)
      processed = ImageProcessing::Vips
        .resize_to_fill(512, 512)
        .source(file)
        .convert("jpeg")
        .saver(strip: true)
        .call
      Base64.strict_encode64 processed.read
    end
  end
 end
--- a/app/services/ldap_manager_service.rb
+++ b/app/services/ldap_manager_service.rb
@@ -1,5 +1,2 @@
 class LdapManagerService < LdapService
  def suffix
    @suffix ||= ENV["LDAP_SUFFIX"] || "dc=kosmos,dc=org"
  end
 end
--- a/app/services/lndhub_v2.rb
+++ b/app/services/lndhub_v2.rb
@@ -14,7 +14,7 @@ class LndhubV2 < Lndhub
  end
  def create_account(payload={})
-    post "v2/users", payload, admin_token: Setting.lndhub_admin_token
+    post "v2/users", payload, admin_token: Rails.application.credentials.lndhub[:admin_token]
  end
  def create_invoice(payload)
--- a/app/services/nostr_manager/validate_id.rb
+++ b/app/services/nostr_manager/validate_id.rb
@@ -1,11 +0,0 @@
 module NostrManager
  class ValidateId < NostrManagerService
    def initialize(event)
      @event = Nostr::Event.new(**event)
    end
    def call
      @event.id == Digest::SHA256.hexdigest(JSON.generate(@event.serialize))
    end
  end
 end
--- a/app/services/nostr_manager/verify_signature.rb
+++ b/app/services/nostr_manager/verify_signature.rb
@@ -1,17 +0,0 @@
 module NostrManager
  class VerifySignature < NostrManagerService
    def initialize(event)
      @event = Nostr::Event.new(**event)
    end
    def call
      Schnorr.check_sig!(
        [@event.id].pack('H*'),
        [@event.pubkey].pack('H*'),
        [@event.sig].pack('H*')
      )
    rescue Schnorr::InvalidSignatureError
      false
    end
  end
 end
--- a/app/services/nostr_manager_service.rb
+++ b/app/services/nostr_manager_service.rb
@@ -1,4 +0,0 @@
 require "nostr"
 class NostrManagerService < ApplicationService
 end
--- a/app/views/admin/app_catalog/web_apps/index.html.erb
+++ b/app/views/admin/app_catalog/web_apps/index.html.erb
@@ -1,56 +0,0 @@
 <%= render HeaderComponent.new(title: "App Catalog") %>
 <%= render MainWithSidenavComponent.new(sidenav_partial: 'shared/admin_sidenav_app_catalog') do %>
  <section>
    <%= render QuickstatsContainerComponent.new do %>
      <%= render QuickstatsItemComponent.new(
          type: :number,
          title: 'Known Web Apps',
          value: @stats[:known_apps],
      ) %>
      <%# <%= render QuickstatsItemComponent.new(
      <%#     type: :number,
      <%#     title: 'Accepted',
      <%#     value: @stats[:accepted],
      <%# ) %>
      <%# <%= render QuickstatsItemComponent.new(
      <%#     type: :number,
      <%#     title: 'Users with referrals',
      <%#     value: @stats[:users_with_referrals],
      <%#     meta: "/ #{User.count}"
      <%# ) %>
    <% end %>
  </section>
  <% if @web_apps.any? %>
    <section>
      <h3>Web Apps</h3>
      <table class="divided mb-8">
        <thead>
          <tr>
            <th>Name</th>
            <th>URL</th>
            <th class="hidden md:table-cell">RS Auths</th>
            <th class="hidden md:table-cell">Created at</th>
          </tr>
        </thead>
        <tbody>
          <% @web_apps.each do |web_app| %>
            <tr>
              <td><%= web_app.name %></td>
              <td><%= link_to web_app.url, web_app.url,
                              target: "_blank", rel: "nofollow noopener",
                              class: "ks-text-link" %></td>
              <td class="hidden md:table-cell"><%= web_app.remote_storage_authorizations.count %></td>
              <td class="hidden md:table-cell">
                <span title="<%= web_app.created_at %>" class="cursor-help">
                  <%= time_ago_in_words web_app.created_at, include_seconds: false %> ago
                </span>
              </td>
            </tr>
          <% end %>
        </tbody>
      </table>
      <%== pagy_nav @pagy %>
    </section>
  <% end %>
 <% end %>
--- a/app/views/admin/donations/_form.html.erb
+++ b/app/views/admin/donations/_form.html.erb
@@ -12,7 +12,7 @@
  <section class="sm:w-1/2 grid grid-cols-2 items-center gap-y-2">
    <%= form.label :user_id %>
-    <%= form.collection_select :user_id, User.where(ou: Setting.primary_domain).order(:cn), :id, :cn, {} %>
+    <%= form.collection_select :user_id, User.where(ou: "kosmos.org").order(:cn), :id, :cn, {} %>
    <%= form.label :amount_sats, "Amount BTC (sats)" %>
    <%= form.number_field :amount_sats %>
--- a/app/views/admin/settings/services/_btcpay.html.erb
+++ b/app/views/admin/settings/services/_btcpay.html.erb
@@ -1,37 +0,0 @@
 <h3>BTCPay Server</h3>
 <ul role="list">
  <%= render FormElements::FieldsetToggleComponent.new(
    form: f,
    attribute: :btcpay_enabled,
    enabled: Setting.btcpay_enabled?,
    title: "Enable BTCPay integration",
    description: "BTCPay configuration present and features enabled"
  ) %>
 <% if Setting.btcpay_enabled? %>
  <%= render FormElements::FieldsetResettableSettingComponent.new(
        key: :btcpay_api_url,
        title: "API URL"
      ) %>
  <%= render FormElements::FieldsetResettableSettingComponent.new(
        key: :btcpay_store_id,
        title: "Store ID"
      ) %>
  <%= render FormElements::FieldsetResettableSettingComponent.new(
        key: :btcpay_auth_token,
        type: :password,
        title: "Auth Token"
      ) %>
 </ul>
 </section>
 <section>
 <h3>REST API</h3>
 <ul role="list">
  <%= render FormElements::FieldsetToggleComponent.new(
    form: f,
    attribute: :btcpay_publish_wallet_balances,
    enabled: Setting.btcpay_publish_wallet_balances?,
    title: "Publish wallet balances",
    description: "Publish the store's on-chain and Lightning wallet balances"
  ) %>
 <% end %>
 </ul>
--- a/app/views/admin/settings/services/_discourse.html.erb
+++ b/app/views/admin/settings/services/_discourse.html.erb
@@ -8,15 +8,16 @@
    description: "Discourse configuration present and features enabled"
  ) %>
 <% if Setting.discourse_enabled? %>
-  <%= render FormElements::FieldsetResettableSettingComponent.new(
+  <%= render FormElements::FieldsetComponent.new(title: "Public URL") do %>
-        key: :discourse_public_url,
+    <%= f.text_field :discourse_public_url,
-        title: "Public URL"
+      value: Setting.discourse_public_url,
-      ) %>
+      class: "w-full", disabled: true %>
-  <%= render FormElements::FieldsetResettableSettingComponent.new(
+  <% end %>
-        key: :discourse_connect_secret,
+  <%= render FormElements::FieldsetComponent.new(title: "Connect secret") do %>
-        type: :password,
+    <%= f.password_field :discourse_connect_secret,
-        title: "Connect secret"
+      value: Setting.discourse_connect_secret,
-      ) %>
+      class: "w-full", disabled: true %>
  <% end %>
 <% end %>
 </ul>
 <% if Setting.discourse_enabled? %>
@@ -30,14 +31,14 @@
      <input type="text" class="grow" disabled="disabled"
             value="https://<%= Setting.accounts_domain %>/discourse/connect"
             data-clipboard-target="source" />
-      <button class="btn-md btn-icon btn-outline shrink-0"
+      <button class="btn-md btn-icon btn-blue shrink-0"
              data-clipboard-target="trigger" data-action="clipboard#copy"
              title="Copy to clipboard">
        <span class="content-initial">
-          <%= render partial: "icons/copy", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
+          <%= render partial: "icons/copy", locals: { custom_class: "text-white h-4 w-4 inline" } %>
        </span>
        <span class="content-active hidden">
-          <%= render partial: "icons/check", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
+          <%= render partial: "icons/check", locals: { custom_class: "text-white h-4 w-4 inline" } %>
        </span>
      </button>
    </li>
--- a/app/views/admin/settings/services/_droneci.html.erb
+++ b/app/views/admin/settings/services/_droneci.html.erb
@@ -1,16 +0,0 @@
 <h3>Drone CI</h3>
 <ul role="list">
  <%= render FormElements::FieldsetToggleComponent.new(
    form: f,
    attribute: :droneci_enabled,
    enabled: Setting.droneci_enabled?,
    title: "Enable Drone CI integration",
    description: "Drone CI configuration present and features enabled"
  ) %>
  <% if Setting.droneci_enabled? %>
    <%= render FormElements::FieldsetResettableSettingComponent.new(
          key: :droneci_public_url,
          title: "Public URL"
        ) %>
  <% end %>
 </ul>
--- a/app/views/admin/settings/services/_ejabberd.html.erb
+++ b/app/views/admin/settings/services/_ejabberd.html.erb
@@ -8,14 +8,16 @@
    description: "ejabberd configuration present and features enabled"
  ) %>
 <% if Setting.ejabberd_enabled? %>
-  <%= render FormElements::FieldsetResettableSettingComponent.new(
+  <%= render FormElements::FieldsetComponent.new(title: "API URL") do %>
-        key: :ejabberd_api_url,
+    <%= f.text_field :ejabberd_api_url,
-        title: "API URL"
+      value: Setting.ejabberd_api_url,
-      ) %>
+      class: "w-full", disabled: true %>
-  <%= render FormElements::FieldsetResettableSettingComponent.new(
+  <% end %>
-        key: :ejabberd_admin_url,
+  <%= render FormElements::FieldsetComponent.new(title: "Admin URL") do %>
-        title: "Admin URL"
+    <%= f.text_field :ejabberd_admin_url,
-      ) %>
+      value: Setting.ejabberd_admin_url,
      class: "w-full", disabled: true %>
  <% end %>
 </ul>
 <h3 class="mt-10">User default settings</h3>
 <ul role="list">
@@ -35,24 +37,12 @@
    title: "Auto-join default rooms",
    description: "Automatically join above default rooms in chat clients"
  ) %>
-  <%= render FormElements::FieldsetResettableSettingComponent.new(
+  <%= render FormElements::FieldsetComponent.new(
        key: :ejabberd_buddy_roster,
        title: "Contact roster name",
        description: "Used when exchanging contacts after signup from invitation"
      ) %>
 </ul>
 <h3 class="mt-10">Notifications</h3>
 <ul role="list">
  <%= render FormElements::FieldsetComponent.new(
        title: "From address",
        description: "Address (JID) of the account notifications are sent from",
        resettable: Setting.get_field(:xmpp_notifications_from_address)[:default] != Setting.xmpp_notifications_from_address
      ) do %>
-    <%= f.text_field :xmpp_notifications_from_address,
+    <%= f.text_field :ejabberd_buddy_roster,
-      value: Setting.xmpp_notifications_from_address,
+      value: Setting.ejabberd_buddy_roster,
      data: {
        :'default-value' => Setting.get_field(:xmpp_notifications_from_address)[:default]
      },
      class: "w-full" %>
  <% end %>
 <% end %>
--- a/app/views/admin/settings/services/_gitea.html.erb
+++ b/app/views/admin/settings/services/_gitea.html.erb
@@ -8,9 +8,10 @@
    description: "Gitea configuration present and features enabled"
  ) %>
  <% if Setting.gitea_enabled? %>
-    <%= render FormElements::FieldsetResettableSettingComponent.new(
+    <%= render FormElements::FieldsetComponent.new(title: "Public URL") do %>
-          key: :gitea_public_url,
+      <%= f.text_field :gitea_public_url,
-          title: "Public URL"
+        value: Setting.gitea_public_url,
-        ) %>
+        class: "w-full", disabled: true %>
    <% end %>
  <% end %>
 </ul>
--- a/app/views/admin/settings/services/_lndhub.html.erb
+++ b/app/views/admin/settings/services/_lndhub.html.erb
@@ -8,36 +8,31 @@
    description: "LNDHub configuration present and wallet features enabled"
  ) %>
  <% if Setting.lndhub_enabled? %>
-    <%= render FormElements::FieldsetResettableSettingComponent.new(
+    <%= render FormElements::FieldsetComponent.new(title: "API URL") do %>
-      key: :lndhub_api_url,
+      <%= f.text_field :lndhub_api_url,
-      title: "API URL"
+        value: Setting.lndhub_api_url,
-    ) %>
+        class: "w-full", disabled: true %>
-    <%= render FormElements::FieldsetResettableSettingComponent.new(
+    <% end %>
-      key: :lndhub_admin_token,
+  <% end %>
-      type: :password,
+  <%= render FormElements::FieldsetToggleComponent.new(
-      title: "Admin token",
+    form: f,
-      description: "Auth token for creating new lndhub accounts"
+    attribute: :lndhub_admin_enabled,
-    ) %>
+    enabled: Setting.lndhub_admin_enabled?,
-    <%= render FormElements::FieldsetToggleComponent.new(
+    title: "Enable LNDHub admin panel",
-      form: f,
+    description: "LNDHub database configuration present and admin panel enabled"
-      attribute: :lndhub_admin_enabled,
+  ) %>
-      enabled: Setting.lndhub_admin_enabled?,
+  <%= render FormElements::FieldsetToggleComponent.new(
-      title: "Enable LNDHub admin panel",
+    form: f,
-      description: "LNDHub database configuration present and admin panel enabled"
+    attribute: :lndhub_keysend_enabled,
-    ) %>
+    enabled: Setting.lndhub_keysend_enabled?,
-    <%= render FormElements::FieldsetToggleComponent.new(
+    title: "Enable keysend payments",
-      form: f,
+    description: "Allow users to receive invoice-less payments to their Lightning Address"
-      attribute: :lndhub_keysend_enabled,
+  ) %>
-      enabled: Setting.lndhub_keysend_enabled?,
+  <% if Setting.lndhub_keysend_enabled? %>
-      title: "Enable keysend payments",
+    <%= render FormElements::FieldsetComponent.new(title: "Public key", description: "The public key of the Lightning node used by LNDHub") do %>
-      description: "Allow users to receive invoice-less payments to their Lightning Address"
+      <%= f.text_field :lndhub_public_key,
-    ) %>
+        value: Setting.lndhub_public_key,
-    <% if Setting.lndhub_keysend_enabled? %>
+        class: "w-full", disabled: true %>
      <%= render FormElements::FieldsetResettableSettingComponent.new(
            key: :lndhub_public_key,
            title: "Public key",
            description: "The public key of the Lightning node used by LNDHub"
          ) %>
    <% end %>
  <% end %>
 </ul>
--- a/app/views/admin/settings/services/_mastodon.html.erb
+++ b/app/views/admin/settings/services/_mastodon.html.erb
@@ -8,13 +8,10 @@
    description: "Mastodon configuration present and features enabled"
  ) %>
  <% if Setting.mastodon_enabled? %>
-    <%= render FormElements::FieldsetResettableSettingComponent.new(
+    <%= render FormElements::FieldsetComponent.new(title: "Public URL") do %>
-          key: :mastodon_public_url,
+      <%= f.text_field :mastodon_public_url,
-          title: "Public URL"
+        value: Setting.mastodon_public_url,
-        ) %>
+        class: "w-full", disabled: true %>
-    <%= render FormElements::FieldsetResettableSettingComponent.new(
+    <% end %>
          key: :mastodon_address_domain,
          title: "User address domain"
        ) %>
  <% end %>
 </ul>
--- a/app/views/admin/settings/services/_mediawiki.html.erb
+++ b/app/views/admin/settings/services/_mediawiki.html.erb
@@ -8,9 +8,10 @@
    description: "MediaWiki configuration present and features enabled"
  ) %>
  <% if Setting.mediawiki_enabled? %>
-    <%= render FormElements::FieldsetResettableSettingComponent.new(
+    <%= render FormElements::FieldsetComponent.new(title: "Public URL") do %>
-          key: :mediawiki_public_url,
+      <%= f.text_field :mediawiki_public_url,
-          title: "Public URL"
+        value: Setting.mediawiki_public_url,
-        ) %>
+        class: "w-full", disabled: true %>
    <% end %>
  <% end %>
 </ul>
--- a/app/views/admin/settings/services/_remotestorage.html.erb
+++ b/app/views/admin/settings/services/_remotestorage.html.erb
@@ -1,5 +1,4 @@
 <h3>RemoteStorage</h3>
 <p class="text-red-600 mb-8">Feature currently in development.</p>
 <ul role="list">
  <%= render FormElements::FieldsetToggleComponent.new(
    form: f,
@@ -9,13 +8,10 @@
    description: "RemoteStorage configuration present and features enabled"
  ) %>
  <% if Setting.remotestorage_enabled? %>
-    <%= render FormElements::FieldsetResettableSettingComponent.new(
+    <%= render FormElements::FieldsetComponent.new(title: "Storage URL") do %>
-          key: :rs_storage_url,
+      <%= f.text_field :rs_storage_url,
-          title: "Storage Base URL"
+        value: Setting.rs_storage_url,
-        ) %>
+        class: "w-full", disabled: true %>
-    <%= render FormElements::FieldsetResettableSettingComponent.new(
+    <% end %>
          key: :rs_redis_url,
          title: "Redis URL"
        ) %>
  <% end %>
 </ul>
--- a/app/views/admin/users/show.html.erb
+++ b/app/views/admin/users/show.html.erb
@@ -63,12 +63,6 @@
    </section>
    <section class="sm:flex-1 sm:pt-0">
      <% if @avatar.present? %>
      <h3>LDAP<h3>
      <p>
        <img src="data:image/jpeg;base64,<%= @avatar %>" class="h-48 w-48" />
      </p>
      <% end %>
      <!-- <h3>Actions</h3> -->
    </section>
  </div>
--- a/app/views/contributions/donations/index.html.erb
+++ b/app/views/contributions/donations/index.html.erb
@@ -1,6 +1,10 @@
-<%= render HeaderComponent.new(title: "Contributions") %>
+<%# <%= render HeaderComponent.new(title: "Contributions") %>
 <%= render HeaderWithTabsComponent.new(
  # title: "Contributions",
  tabnav_partial: "shared/tabnav_contributions"
 ) %>
-<%= render MainWithTabnavComponent.new(tabnav_partial: "shared/tabnav_contributions") do %>
+<%= render MainSimpleComponent.new do %>
  <section>
    <% if @donations.any? %>
      <p class="mb-12">
--- a/app/views/contributions/projects/index.html.erb
+++ b/app/views/contributions/projects/index.html.erb
@@ -1,6 +1,9 @@
-<%= render HeaderComponent.new(title: "Contributions") %>
+<%= render HeaderWithTabsComponent.new(
  # title: "Contributions",
  tabnav_partial: "shared/tabnav_contributions"
 ) %>
-<%= render MainWithTabnavComponent.new(tabnav_partial: "shared/tabnav_contributions") do %>
+<%= render MainSimpleComponent.new do %>
  <section>
    <p class="mb-8">
      Project contributions are how we develop and run all Kosmos software and
--- a/app/views/dashboard/index.html.erb
+++ b/app/views/dashboard/index.html.erb
@@ -7,85 +7,73 @@
      services:
    </p>
    <div class="services grid grid-cols-1 sm:grid-cols-2 gap-4 sm:gap-6">
-      <% if Setting.ejabberd_enabled? %>
+      <div class="border border-gray-300 rounded-md hover:border-gray-400
-        <div class="border border-gray-300 rounded-md hover:border-gray-400
+                  bg-cover bg-[center_top_-50px] bg-no-repeat
-                    bg-cover bg-[center_top_-50px] bg-no-repeat
+                  bg-[url(/img/logos/icon_xmpp.svg)]">
-                    bg-[url(/img/logos/icon_xmpp.svg)]">
+        <%= link_to "https://wiki.kosmos.org/Services:Chat",
-          <%= link_to services_chat_path,
+              class: "block h-full px-6 py-6 rounded-md" do %>
-                class: "block h-full px-6 py-6 rounded-md" do %>
+          <h3 class="mb-3.5">Chat</h3>
-            <h3 class="mb-3.5">Chat</h3>
+          <p class="text-gray-600">
-            <p class="text-gray-600">
+            Federated chat rooms and instant messaging
-              Federated chat rooms and instant messaging
+          </p>
-            </p>
+        <% end %>
-          <% end %>
+      </div>
-        </div>
+      <div class="border border-gray-300 rounded-md hover:border-gray-400
-      <% end %>
+                  bg-[length:95%] bg-center bg-no-repeat
-      <% if Setting.mastodon_enabled? %>
+                  bg-[url(/img/logos/icon_discourse.svg)]">
-        <div class="border border-gray-300 rounded-md hover:border-gray-400
+        <%= link_to "#{Setting.discourse_public_url}/session/sso?return_path=/",
-                    bg-[length:80%] bg-[right_top_-30px] bg-no-repeat
+              class: "block h-full px-6 py-6 rounded-md" do %>
-                    bg-[url(/img/logos/icon_mastodon.svg)]">
+          <h3 class="mb-3.5">Discourse</h3>
-          <%= link_to services_mastodon_path, class: "block h-full px-6 py-6 rounded-md" do %>
+          <p class="text-gray-600">
-            <h3 class="mb-3.5">Mastodon</h3>
+            Kosmos community forums and user support/help site
-            <p class="text-gray-600">
+          </p>
-              Your account on the Open Social Web
+        <% end %>
-            </p>
+      </div>
-          <% end %>
+      <div class="border border-gray-300 rounded-md hover:border-gray-400
-        </div>
+                  bg-cover bg-[center_top_-20px] bg-no-repeat
-      <% end %>
+                  bg-[url(/img/logos/icon_mediawiki.svg)]">
-      <% if Setting.discourse_enabled? %>
+        <%= link_to "https://wiki.kosmos.org",
-        <div class="border border-gray-300 rounded-md hover:border-gray-400
+              class: "block h-full px-6 py-6 rounded-md" do %>
-                    bg-[length:95%] bg-center bg-no-repeat
+          <h3 class="mb-3.5">Wiki</h3>
-                    bg-[url(/img/logos/icon_discourse.svg)]">
+          <p class="text-gray-600">
-          <%= link_to "#{Setting.discourse_public_url}/session/sso?return_path=/",
+            Kosmos documentation and knowledge base
-                class: "block h-full px-6 py-6 rounded-md" do %>
+          </p>
-            <h3 class="mb-3.5">Discourse</h3>
+        <% end %>
-            <p class="text-gray-600">
+      </div>
-              Kosmos community forums and user support/help site
+      <div class="border border-gray-300 rounded-md hover:border-gray-400
-            </p>
+                  bg-cover bg-center sm:bg-[center_top_-140px] bg-no-repeat
-          <% end %>
+                  bg-[url(/img/logos/icon_lightning.svg)]">
-        </div>
+        <%= link_to services_lightning_index_path,
-      <% end %>
+              class: "block h-full px-6 py-6 rounded-md" do %>
-      <% if Setting.lndhub_enabled? %>
+          <h3 class="mb-3.5">Lightning Network</h3>
-        <div class="border border-gray-300 rounded-md hover:border-gray-400
+          <p class="text-gray-600">
-                    bg-cover bg-center sm:bg-[center_top_-140px] bg-no-repeat
+            Send and receive sats over the Bitcoin Lightning Network
-                    bg-[url(/img/logos/icon_lightning.svg)]">
+          </p>
-          <%= link_to services_lightning_index_path,
+        <% end %>
-                class: "block h-full px-6 py-6 rounded-md" do %>
+      </div>
-            <h3 class="mb-3.5">Lightning Network</h3>
+      <div class="border border-gray-300 rounded-md hover:border-gray-400
-            <p class="text-gray-600">
+                  bg-cover bg-center bg-no-repeat
-              Send and receive sats over the Bitcoin Lightning Network
+                  bg-[url(/img/logos/icon_gitea.png)]">
-            </p>
+        <%= link_to "https://gitea.kosmos.org",
-          <% end %>
+              class: "block h-full px-6 py-6 rounded-md" do %>
-        </div>
+          <h3 class="mb-3.5">Gitea</h3>
-      <% end %>
+          <p class="text-gray-600">
-      <% if Setting.gitea_enabled? %>
+            Code hosting and collaboration for software projects
-        <div class="border border-gray-300 rounded-md hover:border-gray-400
+          </p>
-                    bg-cover bg-center bg-no-repeat
+        <% end %>
-                    bg-[url(/img/logos/icon_gitea.png)]">
+      </div>
-          <%= link_to Setting.gitea_public_url,
+      <div class="border border-gray-300 rounded-md hover:border-gray-400
-                class: "block h-full px-6 py-6 rounded-md" do %>
+                  bg-cover bg-[center_top_-70px] bg-no-repeat
-            <h3 class="mb-3.5">Gitea</h3>
+                  bg-[url(/img/logos/icon_droneci.svg)]">
-            <p class="text-gray-600">
+        <%= link_to "https://drone.kosmos.org",
-              Code hosting and collaboration for software projects
+              class: "block h-full px-6 py-6 rounded-md" do %>
-            </p>
+          <h3 class="mb-3.5">Drone CI</h3>
-          <% end %>
+          <p class="text-gray-600">
-        </div>
+            Continuous integration for software projects on Gitea
-      <% end %>
+          </p>
-      <% if Setting.droneci_enabled? %>
+        <% end %>
-        <div class="border border-gray-300 rounded-md hover:border-gray-400
+      </div>
-                    bg-cover bg-[center_top_-70px] bg-no-repeat
+      <% if Setting.remotestorage_enabled? && Flipper.enabled?(:remotestorage, current_user) %>
                    bg-[url(/img/logos/icon_droneci.svg)]">
          <%= link_to Setting.droneci_public_url,
                class: "block h-full px-6 py-6 rounded-md" do %>
            <h3 class="mb-3.5">Drone CI</h3>
            <p class="text-gray-600">
              Continuous integration for software projects on Gitea
            </p>
          <% end %>
        </div>
      <% end %>
      <% if Setting.remotestorage_enabled? &&
            Flipper.enabled?(:remotestorage, current_user) %>
        <div class="border border-gray-300 rounded-md hover:border-gray-400">
          <%= link_to services_storage_path,
                class: "block h-full px-6 py-6 rounded-md" do %>
@@ -96,19 +84,16 @@
          <% end %>
        </div>
      <% end %>
-      <% if Setting.mediawiki_enabled? %>
+      <!-- <div class="border border&#45;gray&#45;300 rounded&#45;md hover:border&#45;gray&#45;400 -->
-        <div class="border border-gray-300 rounded-md hover:border-gray-400
+      <!--             bg&#45;[length:80%] bg&#45;[right_top_&#45;30px] bg&#45;no&#45;repeat -->
-                    bg-cover bg-[center_top_-20px] bg-no-repeat
+      <!--             bg&#45;[url(/img/logos/icon_mastodon.svg)]"> -->
-                    bg-[url(/img/logos/icon_mediawiki.svg)]">
+      <!--   <%= link_to "https://kosmos.social", class: "block h&#45;full px&#45;6 py&#45;6 rounded&#45;md" do %> -->
-          <%= link_to Setting.mediawiki_public_url,
+      <!--     <h3 class="mb&#45;3.5">Mastodon</h3> -->
-                class: "block h-full px-6 py-6 rounded-md" do %>
+      <!--     <p class="text&#45;gray&#45;400"> -->
-            <h3 class="mb-3.5">Wiki</h3>
+      <!--       Your account on the Open Social Web -->
-            <p class="text-gray-600">
+      <!--     </p> -->
-              Kosmos documentation and knowledge base
+      <!--   <% end %> -->
-            </p>
+      <!-- </div> -->
          <% end %>
        </div>
      <% end %>
    </div>
  </section>
 <% end %>
--- a/app/views/devise/passwords/new.html.erb
+++ b/app/views/devise/passwords/new.html.erb
@@ -10,7 +10,7 @@
      <p class="flex gap-2 items-center">
        <%= f.text_field :cn, autofocus: true, autocomplete: "username",
                              required: true, class: "relative grow"%>
-        <span class="relative shrink-0 text-gray-500">@ <%= Setting.primary_domain %></span>
+        <span class="relative shrink-0 text-gray-500">@ kosmos.org</span>
      </p>
    </div>
    <p>
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@@ -12,17 +12,15 @@
    <div class="mb-6">
      <%= f.label :cn, 'User', class: 'block mb-2 font-bold' %>
      <p class="flex gap-2 items-center">
-        <%= f.text_field :cn, value: h(params[:cn]),
+        <%= f.text_field :cn, autofocus: true, autocomplete: "username",
              autofocus: params[:cn].blank?, autocomplete: "username",
              required: true, class: "relative grow", tabindex: "1" %>
-        <span class="relative shrink-0 text-gray-500">@ <%= Setting.primary_domain %></span>
+        <span class="relative shrink-0 text-gray-500">@ kosmos.org</span>
      </p>
    </div>
    <p class="mb-8">
      <%= f.label :password, class: 'block mb-2 font-bold' %>
      <%= f.password_field :password, autocomplete: "current-password",
-            autofocus: params[:cn].present?, required: true,
+            required: true, class: "w-full", tabindex: "2" %>
            class: "w-full", tabindex: "2" %>
    </p>
    <%= tag.div class: "flex items-center mb-8 gap-x-3", data: {
--- a/app/views/icons/_alert-triangle.html.erb
+++ b/app/views/icons/_alert-triangle.html.erb
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-alert-triangle <%= custom_class %>"><path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z"></path><line x1="12" y1="9" x2="12" y2="13"></line><line x1="12" y1="17" x2="12.01" y2="17"></line></svg>
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-alert-triangle"><path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z"></path><line x1="12" y1="9" x2="12" y2="13"></line><line x1="12" y1="17" x2="12.01" y2="17"></line></svg>
--- a/app/views/icons/_asterisk.html.erb
+++ b/app/views/icons/_asterisk.html.erb
@@ -1 +0,0 @@
 <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 512 512" fill="currentColor" stroke="currentColor" stroke-width="2" class="<%= custom_class %>"><path d="M475.31 364.144L288 256l187.31-108.144c5.74-3.314 7.706-10.653 4.392-16.392l-4-6.928c-3.314-5.74-10.653-7.706-16.392-4.392L272 228.287V12c0-6.627-5.373-12-12-12h-8c-6.627 0-12 5.373-12 12v216.287L52.69 120.144c-5.74-3.314-13.079-1.347-16.392 4.392l-4 6.928c-3.314 5.74-1.347 13.079 4.392 16.392L224 256 36.69 364.144c-5.74 3.314-7.706 10.653-4.392 16.392l4 6.928c3.314 5.74 10.653 7.706 16.392 4.392L240 283.713V500c0 6.627 5.373 12 12 12h8c6.627 0 12-5.373 12-12V283.713l187.31 108.143c5.74 3.314 13.079 1.347 16.392-4.392l4-6.928c3.314-5.74 1.347-13.079-4.392-16.392z"/></svg>
--- a/app/views/icons/_folder.html.erb
+++ b/app/views/icons/_folder.html.erb
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-folder <%= custom_class %>"><path d="M22 19a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h5l2 3h9a2 2 0 0 1 2 2z"></path></svg>
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-folder"><path d="M22 19a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h5l2 3h9a2 2 0 0 1 2 2z"></path></svg>
--- a/Show More
+++ b/Show More
		`@@ -1,2 +0,0 @@`
			`class ModalComponent < ViewComponent::Base`
			`end`
		`@@ -1,2 +0,0 @@`
			`class AppCatalogManagerService < ApplicationService`
			`end`
		`@@ -1 +1 @@`
			`<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-alert-triangle <%= custom_class %>"><path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z"></path><line x1="12" y1="9" x2="12" y2="13"></line><line x1="12" y1="17" x2="12.01" y2="17"></line></svg>`				`<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-alert-triangle"><path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z"></path><line x1="12" y1="9" x2="12" y2="13"></line><line x1="12" y1="17" x2="12.01" y2="17"></line></svg>`
		`@@ -1 +0,0 @@`
			<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 512 512" fill="currentColor" stroke="currentColor" stroke-width="2" class="<%= custom_class %>"><path d="M475.31 364.144L288 256l187.31-108.144c5.74-3.314 7.706-10.653 4.392-16.392l-4-6.928c-3.314-5.74-10.653-7.706-16.392-4.392L272 228.287V12c0-6.627-5.373-12-12-12h-8c-6.627 0-12 5.373-12 12v216.287L52.69 120.144c-5.74-3.314-13.079-1.347-16.392 4.392l-4 6.928c-3.314 5.74-1.347 13.079 4.392 16.392L224 256 36.69 364.144c-5.74 3.314-7.706 10.653-4.392 16.392l4 6.928c3.314 5.74 10.653 7.706 16.392 4.392L240 283.713V500c0 6.627 5.373 12 12 12h8c6.627 0 12-5.373 12-12V283.713l187.31 108.143c5.74 3.314 13.079 1.347 16.392-4.392l4-6.928c3.314-5.74 1.347-13.079-4.392-16.392z"/></svg>