kosmos/akkounts
8
1
Fork 0
Code Issues 22 Pull Requests 1 Actions Packages Releases 12 Activity

Compare commits

base: kosmos:docs/integrations
Branches Tags
kosmos:master kosmos:live kosmos:chore/btcpay_expired_paid-late kosmos:feature/nostr-onboarding-ruby kosmos:feature/nostr-onboarding kosmos:feature/import_deno_modules kosmos:docs/integrations kosmos:feature/ldap_aci kosmos:feature/contribution_nav
kosmos:v0.10.0 kosmos:v0.9.0 kosmos:v0.8.1 kosmos:v0.8.0 kosmos:v0.7.0 kosmos:v0.6.0 kosmos:v0.5.0 kosmos:v0.4.0 kosmos:v0.3.0 kosmos:v0.2.1 kosmos:v0.2.0 kosmos:v0.1.0
...
compare: kosmos:5a523fd220cc6d30bc67f6e1e288e2eca9407728
Branches Tags
kosmos:live kosmos:master kosmos:chore/btcpay_expired_paid-late kosmos:feature/nostr-onboarding-ruby kosmos:feature/nostr-onboarding kosmos:feature/import_deno_modules kosmos:docs/integrations kosmos:feature/ldap_aci kosmos:feature/contribution_nav
kosmos:v0.10.0 kosmos:v0.9.0 kosmos:v0.8.1 kosmos:v0.8.0 kosmos:v0.7.0 kosmos:v0.6.0 kosmos:v0.5.0 kosmos:v0.4.0 kosmos:v0.3.0 kosmos:v0.2.1 kosmos:v0.2.0 kosmos:v0.1.0

67 Commits
docs/integ ... 5a523fd220

Author SHA1 Message Date
Râu Cao
5a523fd220 Merge pull request 'Refactor database configs' (#220) from chore/db_configs into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #220
 2025-05-05 12:54:22 +00:00
Râu Cao
889c9ae824 Refactor database configs
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
Release Drafter / Update release notes draft (pull_request) Successful in 2s
Details 
* Move postgres credentials to ENV vars
* Allow postgres in development
* Allow SQlite in production
* Refactor optional lndhub db config

Co-authored-by: Greg Karékinian <greg@karekinian.com>
 2025-05-05 15:25:25 +04:00
Râu Cao
e686cf42e8 Merge pull request 'Switch from Sidekiq to Solid Queue' (#219) from dev/sidekiq_to_solidqueue into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #219
Reviewed-by: Greg <greg@noreply.kosmos.org>
 2025-05-05 11:24:56 +00:00
Râu Cao
906468d156 Allow to immediately expire auth via job
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
Release Drafter / Update release notes draft (pull_request) Successful in 3s
Details 
When running the job before its schedule
 2025-05-05 12:46:46 +04:00
Râu Cao
ee5c6d86d0 Port RS auth job removal to Solid Queue
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-05-05 11:07:30 +04:00
Râu Cao
d1eea85b04 Add Redis gem explicitly, remove sidekiq require
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
2025-05-04 18:14:49 +04:00
Râu Cao
ecd814641a Remove Sidekiq initializer
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
2025-05-04 17:44:37 +04:00
Râu Cao
b1dd5800b2 Update lockfile
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
2025-05-04 17:42:31 +04:00
Râu Cao
0cad4cdcfe WIP Switch from Sidekiq to Solid Queue
Some checks failed
continuous-integration/drone/push Build is running
Details
continuous-integration/drone/pr Build is failing
Details
2025-05-04 17:40:33 +04:00
Greg
b61906059c Merge pull request 'Upgrade Rails to 8.0' (#216) from chore/upgrade_rails into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #216
Reviewed-by: Greg <greg@noreply.kosmos.org>
 2025-04-30 08:36:16 +00:00
Râu Cao
aef779a59c Switch from Sprockets to Propshaft
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
Release Drafter / Update release notes draft (pull_request) Successful in 1s
Details
2025-04-29 17:11:21 +04:00
Râu Cao
1ddecab2c3 Upgrade Rails to 8.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-04-28 17:49:54 +04:00
Râu Cao
74b4bc3875 Upgrade Rails to 7.2
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-04-28 00:17:25 +04:00
Râu Cao
646c95ecc2 Fix local/development RS auth URL
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-04-27 16:09:32 +04:00
Râu Cao
fb054ae455 Add task for generating ctags
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-04-26 12:37:10 +04:00
Râu Cao
536052e9bf Merge pull request 'Upgrade strfry/deno, port strfry policies to @nostrify/policies' (#214) from chore/upgrade_strfry_deno into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #214
 2025-04-18 10:51:35 +00:00
Râu Cao
b29a0abb0b Document strfry integration
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
Release Drafter / Update release notes draft (pull_request) Successful in 3s
Details
2025-04-16 17:34:10 +04:00
Râu Cao
29ff486683 Port strfry policies to @nostrify/policies 
Use packages from JSR and adapt code for new policy APIs
 2025-04-15 19:01:22 +04:00
Râu Cao
e53b9dd186 Upgrade strfry docker image 
Contains latest strfry (1.0.4) and deno (2.2.10)
 2025-04-15 19:00:52 +04:00
Râu Cao
a2921297fe Fix seeds 
The CreateAccount service has moved to a namespace
 2025-04-11 16:14:44 +04:00
Râu Cao
7df56479a4 Fix 500 when pubkey is nil 2025-01-02 08:30:58 -05:00
Râu Cao
8aa3ca9e23 Merge pull request 'Let users upload their OpenPGP public key, and serve WKD response' (#205) from feature/191-gpg_keys_wkd into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #205
Reviewed-by: galfert <garret.alfert@gmail.com>
 2024-10-14 14:08:31 +00:00
Râu Cao
3ad1d03785 Merge pull request 'Encrypt all system emails for users with PGP key' (#207) from feature/encrypted_system_emails into feature/191-gpg_keys_wkd
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
Release Drafter / Update release notes draft (pull_request) Successful in 4s
Details 
Reviewed-on: #207
Reviewed-by: galfert <garret.alfert@gmail.com>
 2024-10-14 13:39:01 +00:00
Râu Cao
e258a8bd27 Merge pull request 'Use ASCII format for nostrKey LDAP schema' (#206) from chore/nostr_key_ldap_schema into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #206
Reviewed-by: galfert <garret.alfert@gmail.com>
 2024-10-10 14:18:31 +00:00
Râu Cao
339462f320 Refactor mailer options usage
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
Release Drafter / Update release notes draft (pull_request) Successful in 5s
Details
2024-10-08 14:06:10 +02:00
Râu Cao
c4c2d16342 Encrypt outgoing emails when possible 2024-10-08 14:05:50 +02:00
Râu Cao
3ee76e26ab Re-import user's pubkey on access
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details 
Sometimes, the pubkey might not be imported in the local keychain
(anymore), but at this point in the code it had been successfully
imported at least once before. So we just (re-)import every time for it
to never fail.
 2024-10-08 11:34:18 +02:00
Râu Cao
729e4fd566 Add WKD policy endpoint
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2024-09-26 23:11:21 +02:00
Râu Cao
8ad6adbaeb Use ASCII format for nostrKey LDAP schema
Some checks failed
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
Release Drafter / Update release notes draft (pull_request) Failing after 10m11s
Details 
No need for UTF-8
 2024-09-25 18:35:48 +02:00
Râu Cao
534e5a9d3c Gracefully handle wrong capitalization of username
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2024-09-25 00:20:30 +02:00
Râu Cao
1b72c97f42 Remove obsolete code 2024-09-25 00:17:30 +02:00
Râu Cao
bfd8ca16a9 Merge branch 'master' into feature/191-gpg_keys_wkd 2024-09-25 00:16:39 +02:00
Râu Cao
64de4deddd Fix serviceEnabled indicator on admin page
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-09-24 21:38:01 +02:00
Râu Cao
9f6fa6deba Remove example link
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details 
Until we have a live example on kosmos.org
 2024-09-23 20:36:05 +02:00
Râu Cao
37b106e73c Whitespace
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2024-09-23 19:22:52 +02:00
Râu Cao
c3f1f97e1a Add display name and PGP key to admin user page 
Link the key to the ASCII Armor WKD endpoint, if it contains the user's
account address
 2024-09-23 19:21:59 +02:00
Râu Cao
4a677178e8 Add Web Key Directory endpoint 
Serve public keys in binary and armored text, if they contain a user's
account address.
 2024-09-23 19:20:10 +02:00
Râu Cao
3042a02a17 Allow users to update their OpenPGP pubkey
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-09-23 18:13:39 +02:00
Râu Cao
118fddb497 Document URLs for settings controller actions 
No need to read the route sources all the time
 2024-09-23 16:07:02 +02:00
Râu Cao
ba683a7b95 Move some Rails app services to UserManager namespace
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-09-23 16:03:02 +02:00
Râu Cao
90a8a70c15 Add OpenPGP key to LDAP directory and User model
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-09-23 15:20:00 +02:00
Râu Cao
8f7994d82e 0.10.0
All checks were successful
continuous-integration/drone/tag Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-09-18 15:49:07 +02:00
Râu Cao
a7d0e71ab6 Fix spec
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-09-18 14:46:46 +02:00
Râu Cao
27d9f73c61 Set host for RS auth url
Some checks failed
continuous-integration/drone/push Build is failing
Details 
With X-Forwarded-Host set on the proxied request, Rails uses that host
for URLs. But we need it to be the accounts domain.
 2024-09-14 17:17:09 +02:00
Râu Cao
ed3de8b16f Allow CORS for all LNURL endpoints
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-09-14 16:46:14 +02:00
Râu Cao
d7b4c67953 Fix config when set to empty string
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-09-14 16:40:22 +02:00
Greg
7489d4a32f Merge pull request 'Add config for separate primary domain Nostr pubkey' (#204) from feature/nostr_pubkey_primary_domain into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #204
Reviewed-by: Greg <greg@noreply.kosmos.org>
 2024-09-13 12:33:11 +00:00
Râu Cao
ac77e5b7c1 Allow ENV var for new setting
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
Release Drafter / Update release notes draft (pull_request) Successful in 5s
Details
2024-09-11 16:31:04 +02:00
Râu Cao
e544c28105 Config for separate primary domain Nostr pubkey
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details 
Allow to configure a separate key for the NIP-05 address of the primary
domain vs the accounts domain.
 2024-09-11 16:28:12 +02:00
Râu Cao
4909dac5c2 Fix typo
All checks were successful
continuous-integration/drone/push Build is passing
Details 
The return value of `strip!` is `nil`
 2024-09-11 16:26:48 +02:00
Râu Cao
3cf4348695 Merge pull request 'Make default user services configurable by admins' (#203) from feature/default_service_settings into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #203
Reviewed-by: galfert <garret.alfert@gmail.com>
 2024-09-11 11:21:38 +00:00
Râu Cao
af3da0a26c Set CORS headers for all .well-known responses
All checks were successful
continuous-integration/drone/push Build is passing
Details 
So we don't have to consider it for reverse proxies etc.
 2024-09-10 16:06:11 +02:00
Râu Cao
2d32320c7d Style check boxes
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
Release Drafter / Update release notes draft (pull_request) Successful in 5s
Details
2024-09-05 11:24:38 +02:00
Râu Cao
fc2bec6246 Make default user services configurable by admin
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2024-09-05 11:11:32 +02:00
Râu Cao
5addd25186 Add service details config, use for known services 2024-09-05 11:10:54 +02:00
Râu Cao
215d178e69 Remove empty spec files 2024-09-05 11:10:10 +02:00
Râu Cao
5474bf66e7 Turn default services into a configurable setting 
With the default value being all enabled services
 2024-09-04 13:06:32 +02:00
Râu Cao
ef2a37e2bf Sort user services in LDAP entry 
Makes it predictable for programmatic comparisons (e.g. tests)
 2024-09-04 13:05:36 +02:00
Râu Cao
0e3180602c Rename "xmpp" user service back to "ejabberd" 
If we ever add support for others, we can combine them as "xmpp" in
helper methods
 2024-09-04 13:03:45 +02:00
Râu Cao
15e2f9b962 Remove "in development" note
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-08-28 14:55:34 +02:00
Râu Cao
4ae10c9b53 Refactor settings model
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Move the various sections to their own concerns, so they're easier to
find and maintain
 2024-08-28 14:39:08 +02:00
Râu Cao
45137e0cfe Merge pull request 'Fix Ruby issue on Apple silicon (without compiling a patched Ruby)' (#201) from chore/update_docker_image into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #201
Reviewed-by: galfert <garret.alfert@gmail.com>
 2024-08-28 08:12:31 +00:00
Râu Cao
717fe93104 Fix spec
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-08-22 14:07:54 +02:00
Râu Cao
fdac789ccb Add compatibility section to RS service page
Some checks failed
continuous-integration/drone/push Build is failing
Details
2024-08-19 15:13:19 +02:00
Râu Cao
9355dab6b6 Enable RS service for all new users for now
Some checks failed
continuous-integration/drone/push Build is failing
Details
2024-08-19 14:48:24 +02:00
Râu Cao
e08ea64f47 Update Docker base image
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
Release Drafter / Update release notes draft (pull_request) Successful in 5s
Details 
Fixes the bug with Ruby on Apple silicon
 2024-08-12 10:34:02 +02:00
Râu Cao
8cc2c9554f Revert "Fix Ruby in Docker container on Apple silicon" 
This reverts commit bbf3fb91a0.
 2024-08-12 10:15:18 +02:00
138 changed files with 3099 additions and 1357 deletions
Expand all files Collapse all files

9
.env.example
View File

@@ -1,6 +1,15 @@
# PRIMARY_DOMAIN=kosmos.org # PRIMARY_DOMAIN=kosmos.org
# AKKOUNTS_DOMAIN=accounts.example.com # AKKOUNTS_DOMAIN=accounts.example.com
# The default backend is SQLite
# DB_ADAPTER=postgresql
# PG_HOST=localhost
# PG_PORT=5432
# PG_DATABASE=akkounts
# PG_DATABASE_QUEUE=akkounts_queue
# PG_USERNAME=akkounts
# PG_PASSWORD=
# SMTP_SERVER=smtp.example.com # SMTP_SERVER=smtp.example.com
# SMTP_PORT=587 # SMTP_PORT=587
# SMTP_LOGIN=accounts # SMTP_LOGIN=accounts

4
.gitignore vendored
View File

@@ -37,6 +37,7 @@
/yarn-error.log /yarn-error.log
yarn-debug.log* yarn-debug.log*
.yarn-integrity .yarn-integrity
bun.lock
# Ignore local dotenv config file # Ignore local dotenv config file
.env .env
@@ -47,3 +48,6 @@ dump.rdb
/app/assets/builds/* /app/assets/builds/*
!/app/assets/builds/.keep !/app/assets/builds/.keep
# Ignore generated ctags
*.tags

13
Dockerfile
View File

@@ -1,18 +1,11 @@
# syntax=docker/dockerfile:1 # syntax=docker/dockerfile:1
FROM debian:bullseye-slim as base FROM ruby:3.3.4
SHELL ["/bin/bash", "-o", "pipefail", "-c"] SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# TODO Remove when upstream Ruby works properly on Apple silicon RUN apt-get update -qq && apt-get install -y --no-install-recommends curl \
RUN apt update && apt install -y build-essential wget autoconf libpq-dev pkg-config ldap-utils tini libvips
RUN wget https://github.com/postmodern/ruby-install/releases/download/v0.9.3/ruby-install-0.9.3.tar.gz \
&& tar -xzvf ruby-install-0.9.3.tar.gz \
&& cd ruby-install-0.9.3/ \
&& make install
RUN ruby-install -p https://github.com/ruby/ruby/pull/9371.diff ruby 3.3.0
ENV PATH="/opt/rubies/ruby-3.3.0/bin:${PATH}"
RUN apt-get install -y --no-install-recommends curl ldap-utils tini libvips
RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash - RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
RUN apt-get update && apt-get install -y nodejs RUN apt-get update && apt-get install -y nodejs

19
Gemfile
View File

@@ -2,13 +2,13 @@ source 'https://rubygems.org'
git_source(:github) { |repo| "https://github.com/#{repo}.git" } git_source(:github) { |repo| "https://github.com/#{repo}.git" }
# Bundle edge Rails instead: gem 'rails', github: 'rails/rails' # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
gem 'rails', '~> 7.1' gem 'rails', '~> 8.0'
# Use Puma as the app server # Use Puma as the app server
gem 'puma', '~> 4.1' gem 'puma', '~> 6.6'
# View components # View components
gem "view_component" gem "view_component"
# Separate dependency since Rails 7.0 # Asset bundler
gem 'sprockets-rails' gem 'propshaft'
# Allows custom JS build tasks to integrate with the asset pipeline # Allows custom JS build tasks to integrate with the asset pipeline
gem 'cssbundling-rails' gem 'cssbundling-rails'
# Use JavaScript with ESM import maps [https://github.com/rails/importmap-rails] # Use JavaScript with ESM import maps [https://github.com/rails/importmap-rails]
@@ -19,8 +19,6 @@ gem "turbo-rails"
gem "stimulus-rails" gem "stimulus-rails"
# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
gem 'jbuilder', '~> 2.7' gem 'jbuilder', '~> 2.7'
# Use Redis adapter to run Action Cable in production
# gem 'redis', '~> 4.0'
# Use Active Model has_secure_password # Use Active Model has_secure_password
gem 'bcrypt', '~> 3.1' gem 'bcrypt', '~> 3.1'
@@ -44,6 +42,8 @@ gem 'pagy', '~> 6.0', '>= 6.0.2'
gem 'flipper' gem 'flipper'
gem 'flipper-active_record' gem 'flipper-active_record'
gem 'flipper-ui' gem 'flipper-ui'
gem 'gpgme', '~> 2.0.24'
gem 'zbase32', '~> 0.1.1'
# HTTP requests # HTTP requests
gem 'faraday' gem 'faraday'
@@ -51,8 +51,8 @@ gem 'down'
gem 'aws-sdk-s3', require: false gem 'aws-sdk-s3', require: false
# Background/scheduled jobs # Background/scheduled jobs
gem 'sidekiq', '< 7' gem 'solid_queue'
gem 'sidekiq-scheduler' gem "mission_control-jobs"
# Monitoring # Monitoring
gem "sentry-ruby" gem "sentry-ruby"
@@ -63,10 +63,11 @@ gem 'discourse_api'
gem "lnurl" gem "lnurl"
gem 'manifique', '~> 1.1.0' gem 'manifique', '~> 1.1.0'
gem 'nostr', '~> 0.6.0' gem 'nostr', '~> 0.6.0'
gem "redis", "~> 5.4"
group :development, :test do group :development, :test do
# Use sqlite3 as the database for Active Record # Use sqlite3 as the database for Active Record
gem 'sqlite3', '~> 1.7.2' gem 'sqlite3', '>= 2.1'
gem 'rspec-rails' gem 'rspec-rails'
gem 'rails-controller-testing' gem 'rails-controller-testing'
end end

567
Gemfile.lock
View File

@@ -1,110 +1,109 @@
GEM GEM
remote: https://rubygems.org/ remote: https://rubygems.org/
specs: specs:
actioncable (7.1.3) actioncable (8.0.2)
actionpack (= 7.1.3) actionpack (= 8.0.2)
activesupport (= 7.1.3) activesupport (= 8.0.2)
nio4r (~> 2.0) nio4r (~> 2.0)
websocket-driver (>= 0.6.1) websocket-driver (>= 0.6.1)
zeitwerk (~> 2.6) zeitwerk (~> 2.6)
actionmailbox (7.1.3) actionmailbox (8.0.2)
actionpack (= 7.1.3) actionpack (= 8.0.2)
activejob (= 7.1.3) activejob (= 8.0.2)
activerecord (= 7.1.3) activerecord (= 8.0.2)
activestorage (= 7.1.3) activestorage (= 8.0.2)
activesupport (= 7.1.3) activesupport (= 8.0.2)
mail (>= 2.7.1) mail (>= 2.8.0)
net-imap actionmailer (8.0.2)
net-pop actionpack (= 8.0.2)
net-smtp actionview (= 8.0.2)
actionmailer (7.1.3) activejob (= 8.0.2)
actionpack (= 7.1.3) activesupport (= 8.0.2)
actionview (= 7.1.3) mail (>= 2.8.0)
activejob (= 7.1.3)
activesupport (= 7.1.3)
mail (~> 2.5, >= 2.5.4)
net-imap
net-pop
net-smtp
rails-dom-testing (~> 2.2) rails-dom-testing (~> 2.2)
actionpack (7.1.3) actionpack (8.0.2)
actionview (= 7.1.3) actionview (= 8.0.2)
activesupport (= 7.1.3) activesupport (= 8.0.2)
nokogiri (>= 1.8.5) nokogiri (>= 1.8.5)
racc
rack (>= 2.2.4) rack (>= 2.2.4)
rack-session (>= 1.0.1) rack-session (>= 1.0.1)
rack-test (>= 0.6.3) rack-test (>= 0.6.3)
rails-dom-testing (~> 2.2) rails-dom-testing (~> 2.2)
rails-html-sanitizer (~> 1.6) rails-html-sanitizer (~> 1.6)
actiontext (7.1.3) useragent (~> 0.16)
actionpack (= 7.1.3) actiontext (8.0.2)
activerecord (= 7.1.3) actionpack (= 8.0.2)
activestorage (= 7.1.3) activerecord (= 8.0.2)
activesupport (= 7.1.3) activestorage (= 8.0.2)
activesupport (= 8.0.2)
globalid (>= 0.6.0) globalid (>= 0.6.0)
nokogiri (>= 1.8.5) nokogiri (>= 1.8.5)
actionview (7.1.3) actionview (8.0.2)
activesupport (= 7.1.3) activesupport (= 8.0.2)
builder (~> 3.1) builder (~> 3.1)
erubi (~> 1.11) erubi (~> 1.11)
rails-dom-testing (~> 2.2) rails-dom-testing (~> 2.2)
rails-html-sanitizer (~> 1.6) rails-html-sanitizer (~> 1.6)
activejob (7.1.3) activejob (8.0.2)
activesupport (= 7.1.3) activesupport (= 8.0.2)
globalid (>= 0.3.6) globalid (>= 0.3.6)
activemodel (7.1.3) activemodel (8.0.2)
activesupport (= 7.1.3) activesupport (= 8.0.2)
activerecord (7.1.3) activerecord (8.0.2)
activemodel (= 7.1.3) activemodel (= 8.0.2)
activesupport (= 7.1.3) activesupport (= 8.0.2)
timeout (>= 0.4.0) timeout (>= 0.4.0)
activestorage (7.1.3) activestorage (8.0.2)
actionpack (= 7.1.3) actionpack (= 8.0.2)
activejob (= 7.1.3) activejob (= 8.0.2)
activerecord (= 7.1.3) activerecord (= 8.0.2)
activesupport (= 7.1.3) activesupport (= 8.0.2)
marcel (~> 1.0) marcel (~> 1.0)
activesupport (7.1.3) activesupport (8.0.2)
base64 base64
benchmark (>= 0.3)
bigdecimal bigdecimal
concurrent-ruby (~> 1.0, >= 1.0.2) concurrent-ruby (~> 1.0, >= 1.3.1)
connection_pool (>= 2.2.5) connection_pool (>= 2.2.5)
drb drb
i18n (>= 1.6, < 2) i18n (>= 1.6, < 2)
logger (>= 1.4.2)
minitest (>= 5.1) minitest (>= 5.1)
mutex_m securerandom (>= 0.3)
tzinfo (~> 2.0) tzinfo (~> 2.0, >= 2.0.5)
addressable (2.8.6) uri (>= 0.13.1)
public_suffix (>= 2.0.2, < 6.0) addressable (2.8.7)
ast (2.4.2) public_suffix (>= 2.0.2, < 7.0)
aws-eventstream (1.3.0) ast (2.4.3)
aws-partitions (1.886.0) aws-eventstream (1.3.2)
aws-sdk-core (3.191.0) aws-partitions (1.1092.0)
aws-sdk-core (3.222.2)
aws-eventstream (~> 1, >= 1.3.0) aws-eventstream (~> 1, >= 1.3.0)
aws-partitions (~> 1, >= 1.651.0) aws-partitions (~> 1, >= 1.992.0)
aws-sigv4 (~> 1.8) aws-sigv4 (~> 1.9)
base64
jmespath (~> 1, >= 1.6.1) jmespath (~> 1, >= 1.6.1)
aws-sdk-kms (1.77.0) logger
aws-sdk-core (~> 3, >= 3.191.0) aws-sdk-kms (1.99.0)
aws-sigv4 (~> 1.1) aws-sdk-core (~> 3, >= 3.216.0)
aws-sdk-s3 (1.143.0) aws-sigv4 (~> 1.5)
aws-sdk-core (~> 3, >= 3.191.0) aws-sdk-s3 (1.183.0)
aws-sdk-core (~> 3, >= 3.216.0)
aws-sdk-kms (~> 1) aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.8) aws-sigv4 (~> 1.5)
aws-sigv4 (1.8.0) aws-sigv4 (1.11.0)
aws-eventstream (~> 1, >= 1.0.2) aws-eventstream (~> 1, >= 1.0.2)
backport (1.2.0) backport (1.2.0)
base64 (0.2.0) base64 (0.2.0)
bcrypt (3.1.20) bcrypt (3.1.20)
bech32 (1.4.2) bech32 (1.5.0)
thor (>= 1.1.0) thor (>= 1.1.0)
benchmark (0.3.0) benchmark (0.4.0)
bigdecimal (3.1.6) bigdecimal (3.1.9)
bindex (0.8.1) bindex (0.8.1)
bip-schnorr (0.7.0) bip-schnorr (0.7.0)
ecdsa_ext (~> 0.5.0) ecdsa_ext (~> 0.5.0)
builder (3.2.4) builder (3.3.0)
capybara (3.40.0) capybara (3.40.0)
addressable addressable
matrix matrix
@@ -114,23 +113,25 @@ GEM
rack-test (>= 0.6.3) rack-test (>= 0.6.3)
regexp_parser (>= 1.5, < 3.0) regexp_parser (>= 1.5, < 3.0)
xpath (~> 3.2) xpath (~> 3.2)
childprocess (5.1.0)
logger (~> 1.5)
chunky_png (1.4.0) chunky_png (1.4.0)
concurrent-ruby (1.2.3) concurrent-ruby (1.3.4)
connection_pool (2.4.1) connection_pool (2.5.2)
crack (0.4.6) crack (1.0.0)
bigdecimal bigdecimal
rexml rexml
crass (1.0.6) crass (1.0.6)
cssbundling-rails (1.4.0) cssbundling-rails (1.4.3)
railties (>= 6.0.0) railties (>= 6.0.0)
database_cleaner (2.0.2) database_cleaner (2.1.0)
database_cleaner-active_record (>= 2, < 3) database_cleaner-active_record (>= 2, < 3)
database_cleaner-active_record (2.1.0) database_cleaner-active_record (2.2.0)
activerecord (>= 5.a) activerecord (>= 5.a)
database_cleaner-core (~> 2.0.0) database_cleaner-core (~> 2.0.0)
database_cleaner-core (2.0.1) database_cleaner-core (2.0.1)
date (3.3.4) date (3.4.1)
devise (4.9.3) devise (4.9.4)
bcrypt (~> 3.0) bcrypt (~> 3.0)
orm_adapter (~> 0.1) orm_adapter (~> 0.1)
railties (>= 4.1.0) railties (>= 4.1.0)
@@ -139,105 +140,113 @@ GEM
devise_ldap_authenticatable (0.8.7) devise_ldap_authenticatable (0.8.7)
devise (>= 3.4.1) devise (>= 3.4.1)
net-ldap (>= 0.16.0) net-ldap (>= 0.16.0)
diff-lcs (1.5.1) diff-lcs (1.6.1)
discourse_api (2.0.1) discourse_api (2.0.1)
faraday (~> 2.7) faraday (~> 2.7)
faraday-follow_redirects faraday-follow_redirects
faraday-multipart faraday-multipart
rack (>= 1.6) rack (>= 1.6)
dotenv (2.8.1) dotenv (3.1.8)
dotenv-rails (2.8.1) dotenv-rails (3.1.8)
dotenv (= 2.8.1) dotenv (= 3.1.8)
railties (>= 3.2) railties (>= 6.1)
down (5.4.1) down (5.4.2)
addressable (~> 2.8) addressable (~> 2.8)
drb (2.2.0) drb (2.2.1)
ruby2_keywords
e2mmap (0.1.0)
ecdsa (1.2.0) ecdsa (1.2.0)
ecdsa_ext (0.5.1) ecdsa_ext (0.5.1)
ecdsa (~> 1.2.0) ecdsa (~> 1.2.0)
erubi (1.12.0) erubi (1.13.1)
et-orbi (1.2.7) et-orbi (1.2.11)
tzinfo tzinfo
event_emitter (0.2.6) event_emitter (0.2.6)
eventmachine (1.2.7) eventmachine (1.2.7)
factory_bot (6.4.6) factory_bot (6.5.1)
activesupport (>= 5.0.0) activesupport (>= 6.1.0)
factory_bot_rails (6.4.3) factory_bot_rails (6.4.4)
factory_bot (~> 6.4) factory_bot (~> 6.5)
railties (>= 5.0.0) railties (>= 5.0.0)
faker (3.2.3) faker (3.5.1)
i18n (>= 1.8.11, < 2) i18n (>= 1.8.11, < 2)
faraday (2.9.0) faraday (2.9.2)
faraday-net_http (>= 2.0, < 3.2) faraday-net_http (>= 2.0, < 3.2)
faraday-follow_redirects (0.3.0) faraday-follow_redirects (0.3.0)
faraday (>= 1, < 3) faraday (>= 1, < 3)
faraday-multipart (1.0.4) faraday-multipart (1.1.0)
multipart-post (~> 2) multipart-post (~> 2.0)
faraday-net_http (3.1.0) faraday-net_http (3.1.1)
net-http net-http
faye-websocket (0.11.3) faye-websocket (0.11.3)
eventmachine (>= 0.12.0) eventmachine (>= 0.12.0)
websocket-driver (>= 0.5.1) websocket-driver (>= 0.5.1)
ffi (1.16.3) ffi (1.17.2)
flipper (1.2.2) ffi (1.17.2-arm64-darwin)
ffi (1.17.2-x86_64-linux-gnu)
flipper (1.3.4)
concurrent-ruby (< 2) concurrent-ruby (< 2)
flipper-active_record (1.2.2) flipper-active_record (1.3.4)
activerecord (>= 4.2, < 8) activerecord (>= 4.2, < 9)
flipper (~> 1.2.2) flipper (~> 1.3.4)
flipper-ui (1.2.2) flipper-ui (1.3.4)
erubi (>= 1.0.0, < 2.0.0) erubi (>= 1.0.0, < 2.0.0)
flipper (~> 1.2.2) flipper (~> 1.3.4)
rack (>= 1.4, < 4) rack (>= 1.4, < 4)
rack-protection (>= 1.5.3, <= 4.0.0) rack-protection (>= 1.5.3, < 5.0.0)
sanitize (< 7) rack-session (>= 1.0.2, < 3.0.0)
fugit (1.9.0) sanitize (< 8)
et-orbi (~> 1, >= 1.2.7) fugit (1.11.1)
et-orbi (~> 1, >= 1.2.11)
raabro (~> 1.4) raabro (~> 1.4)
globalid (1.2.1) globalid (1.2.1)
activesupport (>= 6.1) activesupport (>= 6.1)
hashdiff (1.1.0) gpgme (2.0.24)
i18n (1.14.1) mini_portile2 (~> 2.7)
hashdiff (1.1.2)
i18n (1.14.7)
concurrent-ruby (~> 1.0) concurrent-ruby (~> 1.0)
image_processing (1.12.2) image_processing (1.12.2)
mini_magick (>= 4.9.5, < 5) mini_magick (>= 4.9.5, < 5)
ruby-vips (>= 2.0.17, < 3) ruby-vips (>= 2.0.17, < 3)
importmap-rails (2.0.1) importmap-rails (2.1.0)
actionpack (>= 6.0.0) actionpack (>= 6.0.0)
activesupport (>= 6.0.0) activesupport (>= 6.0.0)
railties (>= 6.0.0) railties (>= 6.0.0)
io-console (0.7.2) io-console (0.8.0)
irb (1.11.1) irb (1.15.2)
rdoc pp (>= 0.6.0)
rdoc (>= 4.0.0)
reline (>= 0.4.2) reline (>= 0.4.2)
jaro_winkler (1.5.6) jaro_winkler (1.6.0)
jbuilder (2.11.5) jbuilder (2.13.0)
actionview (>= 5.0.0) actionview (>= 5.0.0)
activesupport (>= 5.0.0) activesupport (>= 5.0.0)
jmespath (1.6.2) jmespath (1.6.2)
json (2.7.1) json (2.11.3)
kramdown (2.4.0) kramdown (2.5.1)
rexml rexml (>= 3.3.9)
kramdown-parser-gfm (1.1.0) kramdown-parser-gfm (1.1.0)
kramdown (~> 2.0) kramdown (~> 2.0)
language_server-protocol (3.17.0.3) language_server-protocol (3.17.0.4)
launchy (2.5.2) launchy (3.1.1)
addressable (~> 2.8) addressable (~> 2.8)
letter_opener (1.8.1) childprocess (~> 5.0)
launchy (>= 2.2, < 3) logger (~> 1.6)
letter_opener_web (2.0.0) letter_opener (1.10.0)
actionmailer (>= 5.2) launchy (>= 2.2, < 4)
letter_opener (~> 1.7) letter_opener_web (3.0.0)
railties (>= 5.2) actionmailer (>= 6.1)
letter_opener (~> 1.9)
railties (>= 6.1)
rexml rexml
listen (3.8.0) lint_roller (1.1.0)
listen (3.9.0)
rb-fsevent (~> 0.10, >= 0.10.3) rb-fsevent (~> 0.10, >= 0.10.3)
rb-inotify (~> 0.9, >= 0.9.10) rb-inotify (~> 0.9, >= 0.9.10)
lnurl (1.1.0) lnurl (1.1.1)
bech32 (~> 1.1) bech32 (~> 1.1)
lockbox (1.3.2) lockbox (2.0.1)
loofah (2.22.0) logger (1.7.0)
loofah (2.24.0)
crass (~> 1.0.2) crass (~> 1.0.2)
nokogiri (>= 1.12.0) nokogiri (>= 1.12.0)
mail (2.8.1) mail (2.8.1)
@@ -249,18 +258,27 @@ GEM
faraday (~> 2.9.0) faraday (~> 2.9.0)
faraday-follow_redirects (= 0.3.0) faraday-follow_redirects (= 0.3.0)
nokogiri (~> 1.16.0) nokogiri (~> 1.16.0)
marcel (1.0.2) marcel (1.0.4)
matrix (0.4.2) matrix (0.4.2)
method_source (1.0.0) method_source (1.1.0)
mini_magick (4.12.0) mini_magick (4.13.2)
mini_mime (1.1.5) mini_mime (1.1.5)
mini_portile2 (2.8.5) mini_portile2 (2.8.8)
minitest (5.21.2) minitest (5.25.5)
multipart-post (2.3.0) mission_control-jobs (1.0.2)
mutex_m (0.2.0) actioncable (>= 7.1)
net-http (0.4.1) actionpack (>= 7.1)
activejob (>= 7.1)
activerecord (>= 7.1)
importmap-rails (>= 1.2.1)
irb (~> 1.13)
railties (>= 7.1)
stimulus-rails
turbo-rails
multipart-post (2.4.1)
net-http (0.6.0)
uri uri
net-imap (0.4.9.1) net-imap (0.5.7)
date date
net-protocol net-protocol
net-ldap (0.19.0) net-ldap (0.19.0)
@@ -268,15 +286,15 @@ GEM
net-protocol net-protocol
net-protocol (0.2.2) net-protocol (0.2.2)
timeout timeout
net-smtp (0.4.0.1) net-smtp (0.5.1)
net-protocol net-protocol
nio4r (2.7.0) nio4r (2.7.4)
nokogiri (1.16.0) nokogiri (1.16.8)
mini_portile2 (~> 2.8.2) mini_portile2 (~> 2.8.2)
racc (~> 1.4) racc (~> 1.4)
nokogiri (1.16.0-arm64-darwin) nokogiri (1.16.8-arm64-darwin)
racc (~> 1.4) racc (~> 1.4)
nokogiri (1.16.0-x86_64-linux) nokogiri (1.16.8-x86_64-linux)
racc (~> 1.4) racc (~> 1.4)
nostr (0.6.0) nostr (0.6.0)
bech32 (~> 1.4) bech32 (~> 1.4)
@@ -285,45 +303,57 @@ GEM
event_emitter (~> 0.2) event_emitter (~> 0.2)
faye-websocket (~> 0.11) faye-websocket (~> 0.11)
json (~> 2.6) json (~> 2.6)
observer (0.1.2)
orm_adapter (0.5.0) orm_adapter (0.5.0)
pagy (6.4.3) ostruct (0.6.1)
parallel (1.24.0) pagy (6.5.0)
parser (3.3.0.5) parallel (1.27.0)
parser (3.3.8.0)
ast (~> 2.4.1) ast (~> 2.4.1)
racc racc
pg (1.5.4) pg (1.5.9)
psych (5.1.2) pp (0.6.2)
prettyprint
prettyprint (0.2.0)
prism (1.4.0)
propshaft (1.1.0)
actionpack (>= 7.0.0)
activesupport (>= 7.0.0)
rack
railties (>= 7.0.0)
psych (5.2.3)
date
stringio stringio
public_suffix (5.0.4) public_suffix (6.0.1)
puma (4.3.12) puma (6.6.0)
nio4r (~> 2.0) nio4r (~> 2.0)
raabro (1.4.0) raabro (1.4.0)
racc (1.7.3) racc (1.8.1)
rack (2.2.8) rack (2.2.13)
rack-protection (3.2.0) rack-protection (3.2.0)
base64 (>= 0.1.0) base64 (>= 0.1.0)
rack (~> 2.2, >= 2.2.4) rack (~> 2.2, >= 2.2.4)
rack-session (1.0.2) rack-session (1.0.2)
rack (< 3) rack (< 3)
rack-test (2.1.0) rack-test (2.2.0)
rack (>= 1.3) rack (>= 1.3)
rackup (1.0.0) rackup (1.0.1)
rack (< 3) rack (< 3)
webrick webrick
rails (7.1.3) rails (8.0.2)
actioncable (= 7.1.3) actioncable (= 8.0.2)
actionmailbox (= 7.1.3) actionmailbox (= 8.0.2)
actionmailer (= 7.1.3) actionmailer (= 8.0.2)
actionpack (= 7.1.3) actionpack (= 8.0.2)
actiontext (= 7.1.3) actiontext (= 8.0.2)
actionview (= 7.1.3) actionview (= 8.0.2)
activejob (= 7.1.3) activejob (= 8.0.2)
activemodel (= 7.1.3) activemodel (= 8.0.2)
activerecord (= 7.1.3) activerecord (= 8.0.2)
activestorage (= 7.1.3) activestorage (= 8.0.2)
activesupport (= 7.1.3) activesupport (= 8.0.2)
bundler (>= 1.15.0) bundler (>= 1.15.0)
railties (= 7.1.3) railties (= 8.0.2)
rails-controller-testing (1.0.5) rails-controller-testing (1.0.5)
actionpack (>= 5.0.1.rc1) actionpack (>= 5.0.1.rc1)
actionview (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1)
@@ -332,138 +362,140 @@ GEM
activesupport (>= 5.0.0) activesupport (>= 5.0.0)
minitest minitest
nokogiri (>= 1.6) nokogiri (>= 1.6)
rails-html-sanitizer (1.6.0) rails-html-sanitizer (1.6.2)
loofah (~> 2.21) loofah (~> 2.21)
nokogiri (~> 1.14) nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
rails-settings-cached (2.8.3) rails-settings-cached (2.8.3)
activerecord (>= 5.0.0) activerecord (>= 5.0.0)
railties (>= 5.0.0) railties (>= 5.0.0)
railties (7.1.3) railties (8.0.2)
actionpack (= 7.1.3) actionpack (= 8.0.2)
activesupport (= 7.1.3) activesupport (= 8.0.2)
irb irb (~> 1.13)
rackup (>= 1.0.0) rackup (>= 1.0.0)
rake (>= 12.2) rake (>= 12.2)
thor (~> 1.0, >= 1.2.2) thor (~> 1.0, >= 1.2.2)
zeitwerk (~> 2.6) zeitwerk (~> 2.6)
rainbow (3.1.1) rainbow (3.1.1)
rake (13.1.0) rake (13.2.1)
rb-fsevent (0.11.2) rb-fsevent (0.11.2)
rb-inotify (0.10.1) rb-inotify (0.11.1)
ffi (~> 1.0) ffi (~> 1.0)
rbs (2.8.4) rbs (3.9.2)
rdoc (6.6.2) logger
rdoc (6.13.1)
psych (>= 4.0.0) psych (>= 4.0.0)
redis (4.8.1) redis (5.4.0)
regexp_parser (2.9.0) redis-client (>= 0.22.0)
reline (0.4.2) redis-client (0.24.0)
connection_pool
regexp_parser (2.10.0)
reline (0.6.1)
io-console (~> 0.5) io-console (~> 0.5)
responders (3.1.1) responders (3.1.1)
actionpack (>= 5.2) actionpack (>= 5.2)
railties (>= 5.2) railties (>= 5.2)
reverse_markdown (2.1.1) reverse_markdown (3.0.0)
nokogiri nokogiri
rexml (3.2.6) rexml (3.4.1)
rqrcode (2.2.0) rqrcode (2.2.0)
chunky_png (~> 1.0) chunky_png (~> 1.0)
rqrcode_core (~> 1.0) rqrcode_core (~> 1.0)
rqrcode_core (1.2.0) rqrcode_core (1.2.0)
rspec-core (3.12.2) rspec-core (3.13.3)
rspec-support (~> 3.12.0) rspec-support (~> 3.13.0)
rspec-expectations (3.12.3) rspec-expectations (3.13.3)
diff-lcs (>= 1.2.0, < 2.0) diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.12.0) rspec-support (~> 3.13.0)
rspec-mocks (3.12.6) rspec-mocks (3.13.2)
diff-lcs (>= 1.2.0, < 2.0) diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.12.0) rspec-support (~> 3.13.0)
rspec-rails (6.1.1) rspec-rails (7.1.1)
actionpack (>= 6.1) actionpack (>= 7.0)
activesupport (>= 6.1) activesupport (>= 7.0)
railties (>= 6.1) railties (>= 7.0)
rspec-core (~> 3.12) rspec-core (~> 3.13)
rspec-expectations (~> 3.12) rspec-expectations (~> 3.13)
rspec-mocks (~> 3.12) rspec-mocks (~> 3.13)
rspec-support (~> 3.12) rspec-support (~> 3.13)
rspec-support (3.12.1) rspec-support (3.13.2)
rubocop (1.60.2) rubocop (1.75.3)
json (~> 2.3) json (~> 2.3)
language_server-protocol (>= 3.17.0) language_server-protocol (~> 3.17.0.2)
lint_roller (~> 1.1.0)
parallel (~> 1.10) parallel (~> 1.10)
parser (>= 3.3.0.2) parser (>= 3.3.0.2)
rainbow (>= 2.2.2, < 4.0) rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.8, < 3.0) regexp_parser (>= 2.9.3, < 3.0)
rexml (>= 3.2.5, < 4.0) rubocop-ast (>= 1.44.0, < 2.0)
rubocop-ast (>= 1.30.0, < 2.0)
ruby-progressbar (~> 1.7) ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 3.0) unicode-display_width (>= 2.4.0, < 4.0)
rubocop-ast (1.30.0) rubocop-ast (1.44.1)
parser (>= 3.2.1.0) parser (>= 3.3.7.2)
prism (~> 1.4)
ruby-progressbar (1.13.0) ruby-progressbar (1.13.0)
ruby-vips (2.2.0) ruby-vips (2.2.3)
ffi (~> 1.12) ffi (~> 1.12)
ruby2_keywords (0.0.5) logger
rufus-scheduler (3.9.1) sanitize (7.0.0)
fugit (~> 1.1, >= 1.1.6)
sanitize (6.1.0)
crass (~> 1.0.2) crass (~> 1.0.2)
nokogiri (>= 1.12.0) nokogiri (>= 1.16.8)
sentry-rails (5.16.1) securerandom (0.4.1)
sentry-rails (5.23.0)
railties (>= 5.0) railties (>= 5.0)
sentry-ruby (~> 5.16.1) sentry-ruby (~> 5.23.0)
sentry-ruby (5.16.1) sentry-ruby (5.23.0)
bigdecimal
concurrent-ruby (~> 1.0, >= 1.0.2) concurrent-ruby (~> 1.0, >= 1.0.2)
sidekiq (6.5.12) solargraph (0.54.2)
connection_pool (>= 2.2.5, < 3)
rack (~> 2.0)
redis (>= 4.5.0, < 5)
sidekiq-scheduler (5.0.3)
rufus-scheduler (~> 3.2)
sidekiq (>= 6, < 8)
tilt (>= 1.4.0)
solargraph (0.50.0)
backport (~> 1.2) backport (~> 1.2)
benchmark benchmark (~> 0.4)
bundler (~> 2.0) bundler (~> 2.0)
diff-lcs (~> 1.4) diff-lcs (~> 1.4)
e2mmap jaro_winkler (~> 1.6)
jaro_winkler (~> 1.5)
kramdown (~> 2.3) kramdown (~> 2.3)
kramdown-parser-gfm (~> 1.1) kramdown-parser-gfm (~> 1.1)
logger (~> 1.6)
observer (~> 0.1)
ostruct (~> 0.6)
parser (~> 3.0) parser (~> 3.0)
rbs (~> 2.0) rbs (~> 3.3)
reverse_markdown (~> 2.0) reverse_markdown (~> 3.0)
rubocop (~> 1.38) rubocop (~> 1.38)
thor (~> 1.0) thor (~> 1.0)
tilt (~> 2.0) tilt (~> 2.0)
yard (~> 0.9, >= 0.9.24) yard (~> 0.9, >= 0.9.24)
sprockets (4.2.1) yard-solargraph (~> 0.1)
concurrent-ruby (~> 1.0) solid_queue (1.1.5)
rack (>= 2.2.4, < 4) activejob (>= 7.1)
sprockets-rails (3.4.2) activerecord (>= 7.1)
actionpack (>= 5.2) concurrent-ruby (>= 1.3.1)
activesupport (>= 5.2) fugit (~> 1.11.0)
sprockets (>= 3.0.0) railties (>= 7.1)
sqlite3 (1.7.2) thor (~> 1.3.1)
sqlite3 (2.6.0)
mini_portile2 (~> 2.8.0) mini_portile2 (~> 2.8.0)
sqlite3 (1.7.2-arm64-darwin) sqlite3 (2.6.0-arm64-darwin)
sqlite3 (1.7.2-x86_64-linux) sqlite3 (2.6.0-x86_64-linux-gnu)
stimulus-rails (1.3.3) stimulus-rails (1.3.4)
railties (>= 6.0.0)
stringio (3.1.0)
thor (1.3.0)
tilt (2.3.0)
timeout (0.4.1)
turbo-rails (1.5.0)
actionpack (>= 6.0.0)
activejob (>= 6.0.0)
railties (>= 6.0.0) railties (>= 6.0.0)
stringio (3.1.7)
thor (1.3.2)
tilt (2.6.0)
timeout (0.4.3)
turbo-rails (2.0.13)
actionpack (>= 7.1.0)
railties (>= 7.1.0)
tzinfo (2.0.6) tzinfo (2.0.6)
concurrent-ruby (~> 1.0) concurrent-ruby (~> 1.0)
unicode-display_width (2.5.0) unicode-display_width (3.1.4)
uri (0.13.0) unicode-emoji (~> 4.0, >= 4.0.4)
view_component (3.10.0) unicode-emoji (4.0.4)
activesupport (>= 5.2.0, < 8.0) uri (1.0.3)
concurrent-ruby (~> 1.0) useragent (0.16.11)
view_component (3.22.0)
activesupport (>= 5.2.0, < 8.1)
concurrent-ruby (= 1.3.4)
method_source (~> 1.0) method_source (~> 1.0)
warden (1.2.9) warden (1.2.9)
rack (>= 2.0.9) rack (>= 2.0.9)
@@ -472,18 +504,22 @@ GEM
activemodel (>= 6.0.0) activemodel (>= 6.0.0)
bindex (>= 0.4.0) bindex (>= 0.4.0)
railties (>= 6.0.0) railties (>= 6.0.0)
webmock (3.19.1) webmock (3.25.1)
addressable (>= 2.8.0) addressable (>= 2.8.0)
crack (>= 0.3.2) crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0) hashdiff (>= 0.4.0, < 2.0.0)
webrick (1.8.1) webrick (1.9.1)
websocket-driver (0.7.6) websocket-driver (0.7.7)
base64
websocket-extensions (>= 0.1.0) websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5) websocket-extensions (0.1.5)
xpath (3.2.0) xpath (3.2.0)
nokogiri (~> 1.8) nokogiri (~> 1.8)
yard (0.9.34) yard (0.9.37)
zeitwerk (2.6.12) yard-solargraph (0.1.0)
yard (~> 0.9)
zbase32 (0.1.1)
zeitwerk (2.7.2)
PLATFORMS PLATFORMS
arm64-darwin-22 arm64-darwin-22
@@ -507,6 +543,7 @@ DEPENDENCIES
flipper flipper
flipper-active_record flipper-active_record
flipper-ui flipper-ui
gpgme (~> 2.0.24)
image_processing (~> 1.12.2) image_processing (~> 1.12.2)
importmap-rails importmap-rails
jbuilder (~> 2.7) jbuilder (~> 2.7)
@@ -516,23 +553,24 @@ DEPENDENCIES
lnurl lnurl
lockbox lockbox
manifique (~> 1.1.0) manifique (~> 1.1.0)
mission_control-jobs
net-ldap net-ldap
nostr (~> 0.6.0) nostr (~> 0.6.0)
pagy (~> 6.0, >= 6.0.2) pagy (~> 6.0, >= 6.0.2)
pg (~> 1.5) pg (~> 1.5)
puma (~> 4.1) propshaft
rails (~> 7.1) puma (~> 6.6)
rails (~> 8.0)
rails-controller-testing rails-controller-testing
rails-settings-cached (~> 2.8.3) rails-settings-cached (~> 2.8.3)
redis (~> 5.4)
rqrcode (~> 2.0) rqrcode (~> 2.0)
rspec-rails rspec-rails
sentry-rails sentry-rails
sentry-ruby sentry-ruby
sidekiq (< 7)
sidekiq-scheduler
solargraph solargraph
sprockets-rails solid_queue
sqlite3 (~> 1.7.2) sqlite3 (>= 2.1)
stimulus-rails stimulus-rails
turbo-rails turbo-rails
tzinfo-data tzinfo-data
@@ -540,6 +578,7 @@ DEPENDENCIES
warden warden
web-console (~> 4.2) web-console (~> 4.2)
webmock webmock
zbase32 (~> 0.1.1)
BUNDLED WITH BUNDLED WITH
2.5.5 2.5.5

2
README.md
View File

@@ -57,7 +57,7 @@ Running the test suite:
Running the test suite with Docker Compose requires overriding the Rails Running the test suite with Docker Compose requires overriding the Rails
environment: environment:
docker-compose run -e "RAILS_ENV=test" web rspec docker-compose exec -e "RAILS_ENV=test" web rspec
### Docker Compose ### Docker Compose

4
app/assets/config/manifest.js
View File

@@ -1,4 +0,0 @@
//= link_tree ../images
//= link_tree ../../javascript .js
//= link_tree ../builds
//= link_tree ../../../vendor/javascript .js

8
app/controllers/admin/settings/registrations_controller.rb
View File

@@ -9,4 +9,12 @@ class Admin::Settings::RegistrationsController < Admin::SettingsController
success: "Settings saved" success: "Settings saved"
} }
end end
private
def setting_params
params.require(:setting).permit([
:reserved_usernames, default_services: []
])
end
end end

17
app/controllers/admin/settings_controller.rb
View File

@@ -9,11 +9,12 @@ class Admin::SettingsController < Admin::BaseController
changed_keys = [] changed_keys = []
setting_params.keys.each do |key| setting_params.keys.each do |key|
next if setting_params[key].nil? || next if clean_param(key).nil? ||
(Setting.send(key).to_s == setting_params[key].strip) (Setting.send(key).to_s == clean_param(key))
changed_keys.push(key) changed_keys.push(key)
setting = Setting.new(var: key) setting = Setting.new(var: key)
setting.value = setting_params[key].strip setting.value = clean_param(key)
unless setting.valid? unless setting.valid?
@errors.merge!(setting.errors) @errors.merge!(setting.errors)
end end
@@ -24,7 +25,7 @@ class Admin::SettingsController < Admin::BaseController
end end
changed_keys.each do |key| changed_keys.each do |key|
Setting.send("#{key}=", setting_params[key].strip) Setting.send("#{key}=", clean_param(key))
end end
end end
@@ -37,4 +38,12 @@ class Admin::SettingsController < Admin::BaseController
def setting_params def setting_params
params.require(:setting).permit(Setting.editable_keys.map(&:to_sym)) params.require(:setting).permit(Setting.editable_keys.map(&:to_sym))
end end
def clean_param(key)
if Setting.get_field(key)[:type] == :string
setting_params[key].strip
else
setting_params[key]
end
end
end end

2
app/controllers/admin/users_controller.rb
View File

@@ -30,7 +30,7 @@ class Admin::UsersController < Admin::BaseController
amount = params[:amount].to_i amount = params[:amount].to_i
notify_user = ActiveRecord::Type::Boolean.new.cast(params[:notify_user]) notify_user = ActiveRecord::Type::Boolean.new.cast(params[:notify_user])
CreateInvitations.call(user: @user, amount: amount, notify: notify_user) UserManager::CreateInvitations.call(user: @user, amount: amount, notify: notify_user)
redirect_to admin_user_path(@user.cn), flash: { redirect_to admin_user_path(@user.cn), flash: {
success: "Added #{amount} invitations to #{@user.cn}'s account" success: "Added #{amount} invitations to #{@user.cn}'s account"

2
app/controllers/lnurlpay_controller.rb
View File

@@ -1,7 +1,7 @@
class LnurlpayController < ApplicationController class LnurlpayController < ApplicationController
before_action :check_service_available before_action :check_service_available
before_action :find_user before_action :find_user
before_action :set_cors_access_control_headers, only: [:invoice] before_action :set_cors_access_control_headers
MIN_SATS = 10 MIN_SATS = 10
MAX_SATS = 1_000_000 MAX_SATS = 1_000_000

2
app/controllers/services/chat_controller.rb
View File

@@ -3,7 +3,7 @@ class Services::ChatController < Services::BaseController
before_action :require_service_available before_action :require_service_available
def show def show
@service_enabled = current_user.service_enabled?(:xmpp) @service_enabled = current_user.service_enabled?(:ejabberd)
end end
private private

13
app/controllers/settings_controller.rb
View File

@@ -21,10 +21,12 @@ class SettingsController < ApplicationController
end end
end end
# PUT /settings/:section
def update def update
@user.preferences.merge!(user_params[:preferences] || {}) @user.preferences.merge!(user_params[:preferences] || {})
@user.display_name = user_params[:display_name] @user.display_name = user_params[:display_name]
@user.avatar_new = user_params[:avatar] @user.avatar_new = user_params[:avatar]
@user.pgp_pubkey = user_params[:pgp_pubkey]
if @user.save if @user.save
if @user.display_name && (@user.display_name != @user.ldap_entry[:display_name]) if @user.display_name && (@user.display_name != @user.ldap_entry[:display_name])
@@ -35,6 +37,10 @@ class SettingsController < ApplicationController
LdapManager::UpdateAvatar.call(dn: @user.dn, file: @user.avatar_new) LdapManager::UpdateAvatar.call(dn: @user.dn, file: @user.avatar_new)
end end
if @user.pgp_pubkey && (@user.pgp_pubkey != @user.ldap_entry[:pgp_key])
UserManager::UpdatePgpKey.call(user: @user)
end
redirect_to setting_path(@settings_section), flash: { redirect_to setting_path(@settings_section), flash: {
success: 'Settings saved.' success: 'Settings saved.'
} }
@@ -44,6 +50,7 @@ class SettingsController < ApplicationController
end end
end end
# POST /settings/update_email
def update_email def update_email
if @user.valid_ldap_authentication?(security_params[:current_password]) if @user.valid_ldap_authentication?(security_params[:current_password])
if @user.update email: email_params[:email] if @user.update email: email_params[:email]
@@ -61,6 +68,7 @@ class SettingsController < ApplicationController
end end
end end
# POST /settings/reset_email_password
def reset_email_password def reset_email_password
@user.current_password = security_params[:current_password] @user.current_password = security_params[:current_password]
@@ -83,6 +91,7 @@ class SettingsController < ApplicationController
end end
end end
# POST /settings/reset_password
def reset_password def reset_password
current_user.send_reset_password_instructions current_user.send_reset_password_instructions
sign_out current_user sign_out current_user
@@ -90,6 +99,7 @@ class SettingsController < ApplicationController
redirect_to check_your_email_path, notice: msg redirect_to check_your_email_path, notice: msg
end end
# POST /settings/set_nostr_pubkey
def set_nostr_pubkey def set_nostr_pubkey
signed_event = Nostr::Event.new(**nostr_event_from_params) signed_event = Nostr::Event.new(**nostr_event_from_params)
@@ -152,7 +162,8 @@ class SettingsController < ApplicationController
def user_params def user_params
params.require(:user).permit( params.require(:user).permit(
:display_name, :avatar, preferences: UserPreferences.pref_keys :display_name, :avatar, :pgp_pubkey,
preferences: UserPreferences.pref_keys
) )
end end

2
app/controllers/signup_controller.rb
View File

@@ -96,7 +96,7 @@ class SignupController < ApplicationController
session[:new_user] = nil session[:new_user] = nil
session[:validation_error] = nil session[:validation_error] = nil
CreateAccount.call(account: { UserManager::CreateAccount.call(account: {
username: @user.cn, username: @user.cn,
domain: Setting.primary_domain, domain: Setting.primary_domain,
email: @user.email, email: @user.email,

35
app/controllers/web_key_directory_controller.rb Normal file
View File

@@ -0,0 +1,35 @@
class WebKeyDirectoryController < WellKnownController
before_action :allow_cross_origin_requests
# /.well-known/openpgpkey/hu/:hashed_username(.txt)
def show
@user = User.find_by(cn: params[:l].downcase)
if @user.nil? ||
@user.pgp_pubkey.blank? ||
!@user.pgp_pubkey_contains_user_address?
http_status :not_found and return
end
if params[:hashed_username] != @user.wkd_hash
http_status :unprocessable_entity and return
end
respond_to do |format|
format.text do
response.headers['Content-Type'] = 'text/plain'
render plain: @user.pgp_pubkey
end
format.any do
key = @user.gnupg_key.export
send_data key, filename: "#{@user.wkd_hash}.pem",
type: "application/octet-stream"
end
end
end
def policy
head :ok
end
end

12
app/controllers/webfinger_controller.rb
View File

@@ -1,8 +1,6 @@
class WebfingerController < ApplicationController class WebfingerController < WellKnownController
before_action :allow_cross_origin_requests, only: [:show] before_action :allow_cross_origin_requests, only: [:show]
layout false
def show def show
resource = params[:resource] resource = params[:resource]
@@ -76,7 +74,7 @@ class WebfingerController < ApplicationController
end end
def remotestorage_link def remotestorage_link
auth_url = new_rs_oauth_url(@username) auth_url = new_rs_oauth_url(@username, host: Setting.rs_accounts_domain)
storage_url = "#{Setting.rs_storage_url}/#{@username}" storage_url = "#{Setting.rs_storage_url}/#{@username}"
{ {
@@ -91,10 +89,4 @@ class WebfingerController < ApplicationController
} }
} }
end end
def allow_cross_origin_requests
return unless Rails.env.development?
headers['Access-Control-Allow-Origin'] = "*"
headers['Access-Control-Allow-Methods'] = "GET"
end
end end

14
app/controllers/well_known_controller.rb
View File

@@ -1,5 +1,8 @@
class WellKnownController < ApplicationController class WellKnownController < ApplicationController
before_action :require_nostr_enabled, only: [ :nostr ] before_action :require_nostr_enabled, only: [ :nostr ]
before_action :allow_cross_origin_requests, only: [ :nostr ]
layout false
def nostr def nostr
http_status :unprocessable_entity and return if params[:name].blank? http_status :unprocessable_entity and return if params[:name].blank?
@@ -7,8 +10,14 @@ class WellKnownController < ApplicationController
relay_url = Setting.nostr_relay_url.presence relay_url = Setting.nostr_relay_url.presence
if params[:name] == "_" if params[:name] == "_"
if domain == Setting.primary_domain
# pubkey for the primary domain without a username (e.g. kosmos.org) # pubkey for the primary domain without a username (e.g. kosmos.org)
res = { names: { "_": Setting.nostr_public_key_primary_domain.presence || Setting.nostr_public_key } }
else
# pubkey for the akkounts domain without a username (e.g. accounts.kosmos.org)
res = { names: { "_": Setting.nostr_public_key } } res = { names: { "_": Setting.nostr_public_key } }
end
res[:relays] = { "_" => [ relay_url ] } if relay_url res[:relays] = { "_" => [ relay_url ] } if relay_url
else else
@user = User.where(cn: params[:name], ou: domain).first @user = User.where(cn: params[:name], ou: domain).first
@@ -30,4 +39,9 @@ class WellKnownController < ApplicationController
def require_nostr_enabled def require_nostr_enabled
http_status :not_found unless Setting.nostr_enabled? http_status :not_found unless Setting.nostr_enabled?
end end
def allow_cross_origin_requests
headers['Access-Control-Allow-Origin'] = "*"
headers['Access-Control-Allow-Methods'] = "GET"
end
end end

2
app/helpers/dashboard_helper.rb
View File

@@ -1,2 +0,0 @@
module DashboardHelper
end

2
app/helpers/donations_helper.rb
View File

@@ -1,2 +0,0 @@
module DonationsHelper
end

2
app/helpers/invitations_helper.rb
View File

@@ -1,2 +0,0 @@
module InvitationsHelper
end

2
app/helpers/lnurlpay_helper.rb
View File

@@ -1,2 +0,0 @@
module LnurlpayHelper
end

12
app/helpers/services_helper.rb Normal file
View File

@@ -0,0 +1,12 @@
module ServicesHelper
def service_human_name(key, category = :external)
SERVICES[category][key][:name] || key.to_s
end
def service_display_name(key, category = :external)
SERVICES[category][key][:display_name] ||
service_human_name(key, category)
end
end

2
app/helpers/settings_helper.rb
View File

@@ -1,2 +0,0 @@
module SettingsHelper
end

2
app/helpers/signup_helper.rb
View File

@@ -1,2 +0,0 @@
module SignupHelper
end

2
app/helpers/users_helper.rb
View File

@@ -1,2 +0,0 @@
module UsersHelper
end

2
app/helpers/wallet_helper.rb
View File

@@ -1,2 +0,0 @@
module WalletHelper
end

2
app/helpers/welcome_helper.rb
View File

@@ -1,2 +0,0 @@
module WelcomeHelper
end

2
app/jobs/remote_storage_expire_authorization_job.rb
View File

@@ -3,8 +3,6 @@ class RemoteStorageExpireAuthorizationJob < ApplicationJob
def perform(rs_auth_id) def perform(rs_auth_id)
rs_auth = RemoteStorageAuthorization.find rs_auth_id rs_auth = RemoteStorageAuthorization.find rs_auth_id
return unless rs_auth.expire_at.nil? || rs_auth.expire_at <= DateTime.now
rs_auth.destroy! rs_auth.destroy!
end end
end end

4
app/jobs/xmpp_exchange_contacts_job.rb
View File

@@ -2,8 +2,8 @@ class XmppExchangeContactsJob < ApplicationJob
queue_as :default queue_as :default
def perform(inviter, invitee) def perform(inviter, invitee)
return unless inviter.service_enabled?(:xmpp) && return unless inviter.service_enabled?(:ejabberd) &&
invitee.service_enabled?(:xmpp) && invitee.service_enabled?(:ejabberd) &&
inviter.preferences[:xmpp_exchange_contacts_with_invitees] inviter.preferences[:xmpp_exchange_contacts_with_invitees]
ejabberd = EjabberdApiClient.new ejabberd = EjabberdApiClient.new

87
app/mailers/application_mailer.rb
View File

@@ -1,3 +1,90 @@
class ApplicationMailer < ActionMailer::Base class ApplicationMailer < ActionMailer::Base
default Rails.application.config.action_mailer.default_options
layout 'mailer' layout 'mailer'
private
def send_mail
@template ||= "#{self.class.name.underscore}/#{caller[0][/`([^']*)'/, 1]}"
headers['Message-ID'] = message_id
if @user.pgp_pubkey.present?
mail(to: @user.email, subject: "...", content_type: pgp_content_type) do |format|
format.text { render plain: pgp_content }
end
else
mail(to: @user.email, subject: @subject) do |format|
format.text { render @template }
end
end
end
def from_address
self.class.default[:from]
end
def from_domain
Mail::Address.new(from_address).domain
end
def message_id
@message_id ||= "#{SecureRandom.uuid}@#{from_domain}"
end
def boundary
@boundary ||= SecureRandom.hex(8)
end
def pgp_content_type
"multipart/encrypted; protocol=\"application/pgp-encrypted\"; boundary=\"------------#{boundary}\""
end
def pgp_nested_content
message_content = render_to_string(template: @template)
message_content_base64 = Base64.encode64(message_content)
nested_boundary = SecureRandom.hex(8)
<<~NESTED_CONTENT
Content-Type: multipart/mixed; boundary="------------#{nested_boundary}"; protected-headers="v1"
Subject: #{@subject}
From: <#{from_address}>
To: #{@user.display_name || @user.cn} <#{@user.email}>
Message-ID: <#{message_id}>
--------------#{nested_boundary}
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: base64
#{message_content_base64}
--------------#{nested_boundary}--
NESTED_CONTENT
end
def pgp_content
encrypted_content = UserManager::PgpEncrypt.call(user: @user, text: pgp_nested_content)
encrypted_base64 = Base64.encode64(encrypted_content.to_s)
<<~EMAIL_CONTENT
This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)
--------------#{boundary}
Content-Type: application/pgp-encrypted
Content-Description: PGP/MIME version identification
Version: 1
--------------#{boundary}
Content-Type: application/octet-stream; name="encrypted.asc"
Content-Description: OpenPGP encrypted message
Content-Disposition: inline; filename="encrypted.asc"
-----BEGIN PGP MESSAGE-----
#{encrypted_base64}
-----END PGP MESSAGE-----
--------------#{boundary}--
EMAIL_CONTENT
end
end end

2
app/mailers/custom_mailer.rb
View File

@@ -18,6 +18,6 @@ class CustomMailer < ApplicationMailer
@user = params[:user] @user = params[:user]
@subject = params[:subject] @subject = params[:subject]
@body = params[:body] @body = params[:body]
mail(to: @user.email, subject: @subject) send_mail
end end
end end

8
app/mailers/notification_mailer.rb
View File

@@ -3,7 +3,7 @@ class NotificationMailer < ApplicationMailer
@user = params[:user] @user = params[:user]
@amount_sats = params[:amount_sats] @amount_sats = params[:amount_sats]
@subject = "Sats received" @subject = "Sats received"
mail to: @user.email, subject: @subject send_mail
end end
def remotestorage_auth_created def remotestorage_auth_created
@@ -15,19 +15,19 @@ class NotificationMailer < ApplicationMailer
"#{access} #{directory}" "#{access} #{directory}"
end end
@subject = "New app connected to your storage" @subject = "New app connected to your storage"
mail to: @user.email, subject: @subject send_mail
end end
def new_invitations_available def new_invitations_available
@user = params[:user] @user = params[:user]
@subject = "New invitations added to your account" @subject = "New invitations added to your account"
mail to: @user.email, subject: @subject send_mail
end end
def bitcoin_donation_confirmed def bitcoin_donation_confirmed
@user = params[:user] @user = params[:user]
@donation = params[:donation] @donation = params[:donation]
@subject = "Donation confirmed" @subject = "Donation confirmed"
mail to: @user.email, subject: @subject send_mail
end end
end end

24
app/models/concerns/settings/btcpay_settings.rb Normal file
View File

@@ -0,0 +1,24 @@
module Settings
module BtcpaySettings
extend ActiveSupport::Concern
included do
field :btcpay_api_url, type: :string,
default: ENV["BTCPAY_API_URL"].presence
field :btcpay_enabled, type: :boolean,
default: ENV["BTCPAY_API_URL"].present?
field :btcpay_public_url, type: :string,
default: ENV["BTCPAY_PUBLIC_URL"].presence
field :btcpay_store_id, type: :string,
default: ENV["BTCPAY_STORE_ID"].presence
field :btcpay_auth_token, type: :string,
default: ENV["BTCPAY_AUTH_TOKEN"].presence
field :btcpay_publish_wallet_balances, type: :boolean, default: true
end
end
end

16
app/models/concerns/settings/discourse_settings.rb Normal file
View File

@@ -0,0 +1,16 @@
module Settings
module DiscourseSettings
extend ActiveSupport::Concern
included do
field :discourse_public_url, type: :string,
default: ENV["DISCOURSE_PUBLIC_URL"].presence
field :discourse_enabled, type: :boolean,
default: ENV["DISCOURSE_PUBLIC_URL"].present?
field :discourse_connect_secret, type: :string,
default: ENV["DISCOURSE_CONNECT_SECRET"].presence
end
end
end

13
app/models/concerns/settings/drone_ci_settings.rb Normal file
View File

@@ -0,0 +1,13 @@
module Settings
module DroneCiSettings
extend ActiveSupport::Concern
included do
field :droneci_public_url, type: :string,
default: ENV["DRONECI_PUBLIC_URL"].presence
field :droneci_enabled, type: :boolean,
default: ENV["DRONECI_PUBLIC_URL"].present?
end
end
end

19
app/models/concerns/settings/ejabberd_settings.rb Normal file
View File

@@ -0,0 +1,19 @@
module Settings
module EjabberdSettings
extend ActiveSupport::Concern
included do
field :ejabberd_enabled, type: :boolean,
default: ENV["EJABBERD_API_URL"].present?
field :ejabberd_api_url, type: :string,
default: ENV["EJABBERD_API_URL"].presence
field :ejabberd_admin_url, type: :string,
default: ENV["EJABBERD_ADMIN_URL"].presence
field :ejabberd_buddy_roster, type: :string,
default: "Buddies"
end
end
end

28
app/models/concerns/settings/email_settings.rb Normal file
View File

@@ -0,0 +1,28 @@
module Settings
module EmailSettings
extend ActiveSupport::Concern
included do
field :email_enabled, type: :boolean,
default: ENV["EMAIL_SMTP_HOST"].present?
# field :email_smtp_host, type: :string,
# default: ENV["EMAIL_SMTP_HOST"].presence
#
# field :email_smtp_port, type: :string,
# default: ENV["EMAIL_SMTP_PORT"].presence || 587
#
# field :email_smtp_enable_starttls, type: :string,
# default: ENV["EMAIL_SMTP_PORT"].presence || true
#
# field :email_auth_method, type: :string,
# default: ENV["EMAIL_AUTH_METHOD"].presence || "plain"
#
# field :email_imap_host, type: :string,
# default: ENV["EMAIL_IMAP_HOST"].presence
#
# field :email_imap_port, type: :string,
# default: ENV["EMAIL_IMAP_PORT"].presence || 993
end
end
end

34
app/models/concerns/settings/general_settings.rb Normal file
View File

@@ -0,0 +1,34 @@
module Settings
module GeneralSettings
extend ActiveSupport::Concern
included do
field :primary_domain, type: :string,
default: ENV["PRIMARY_DOMAIN"].presence
field :accounts_domain, type: :string,
default: ENV["AKKOUNTS_DOMAIN"].presence
#
# Internal services
#
field :redis_url, type: :string,
default: ENV["REDIS_URL"] || "redis://localhost:6379/0"
field :s3_enabled, type: :boolean,
default: ENV["S3_ENABLED"] && ENV["S3_ENABLED"].to_s != "false"
field :sentry_enabled, type: :boolean, readonly: true,
default: ENV["SENTRY_DSN"].present?
#
# Registrations
#
field :reserved_usernames, type: :array, default: %w[
account accounts donations mail webmaster support
]
end
end
end

13
app/models/concerns/settings/gitea_settings.rb Normal file
View File

@@ -0,0 +1,13 @@
module Settings
module GiteaSettings
extend ActiveSupport::Concern
included do
field :gitea_public_url, type: :string,
default: ENV["GITEA_PUBLIC_URL"].presence
field :gitea_enabled, type: :boolean,
default: ENV["GITEA_PUBLIC_URL"].present?
end
end
end

25
app/models/concerns/settings/lightning_network_settings.rb Normal file
View File

@@ -0,0 +1,25 @@
module Settings
module LightningNetworkSettings
extend ActiveSupport::Concern
included do
field :lndhub_api_url, type: :string,
default: ENV["LNDHUB_API_URL"].presence
field :lndhub_enabled, type: :boolean,
default: ENV["LNDHUB_API_URL"].present?
field :lndhub_admin_token, type: :string,
default: ENV["LNDHUB_ADMIN_TOKEN"].presence
field :lndhub_admin_enabled, type: :boolean,
default: ENV["LNDHUB_ADMIN_UI"] || false
field :lndhub_public_key, type: :string,
default: (ENV["LNDHUB_PUBLIC_KEY"] || "")
field :lndhub_keysend_enabled, type: :boolean,
default: -> { self.lndhub_public_key.present? }
end
end
end

16
app/models/concerns/settings/mastodon_settings.rb Normal file
View File

@@ -0,0 +1,16 @@
module Settings
module MastodonSettings
extend ActiveSupport::Concern
included do
field :mastodon_public_url, type: :string,
default: ENV["MASTODON_PUBLIC_URL"].presence
field :mastodon_enabled, type: :boolean,
default: ENV["MASTODON_PUBLIC_URL"].present?
field :mastodon_address_domain, type: :string,
default: ENV["MASTODON_ADDRESS_DOMAIN"].presence || self.primary_domain
end
end
end

13
app/models/concerns/settings/media_wiki_settings.rb Normal file
View File

@@ -0,0 +1,13 @@
module Settings
module MediaWikiSettings
extend ActiveSupport::Concern
included do
field :mediawiki_public_url, type: :string,
default: ENV["MEDIAWIKI_PUBLIC_URL"].presence
field :mediawiki_enabled, type: :boolean,
default: ENV["MEDIAWIKI_PUBLIC_URL"].present?
end
end
end

25
app/models/concerns/settings/nostr_settings.rb Normal file
View File

@@ -0,0 +1,25 @@
module Settings
module NostrSettings
extend ActiveSupport::Concern
included do
field :nostr_enabled, type: :boolean,
default: ENV["NOSTR_PRIVATE_KEY"].present?
field :nostr_private_key, type: :string,
default: ENV["NOSTR_PRIVATE_KEY"].presence
field :nostr_public_key, type: :string,
default: ENV["NOSTR_PUBLIC_KEY"].presence
field :nostr_public_key_primary_domain, type: :string,
default: ENV["NOSTR_PUBLIC_KEY_PRIMARY_DOMAIN"].presence
field :nostr_relay_url, type: :string,
default: ENV["NOSTR_RELAY_URL"].presence
field :nostr_zaps_relay_limit, type: :integer,
default: 12
end
end
end

9
app/models/concerns/settings/open_collective_settings.rb Normal file
View File

@@ -0,0 +1,9 @@
module Settings
module OpenCollectiveSettings
extend ActiveSupport::Concern
included do
field :opencollective_enabled, type: :boolean, default: true
end
end
end

19
app/models/concerns/settings/remote_storage_settings.rb Normal file
View File

@@ -0,0 +1,19 @@
module Settings
module RemoteStorageSettings
extend ActiveSupport::Concern
included do
field :remotestorage_enabled, type: :boolean,
default: ENV["RS_STORAGE_URL"].present?
field :rs_accounts_domain, type: :string,
default: ENV["RS_AKKOUNTS_DOMAIN"] || ENV["AKKOUNTS_DOMAIN"]
field :rs_storage_url, type: :string,
default: ENV["RS_STORAGE_URL"].presence
field :rs_redis_url, type: :string,
default: ENV["RS_REDIS_URL"] || "redis://localhost:6379/1"
end
end
end

11
app/models/concerns/settings/xmpp_settings.rb Normal file
View File

@@ -0,0 +1,11 @@
module Settings
module XmppSettings
extend ActiveSupport::Concern
included do
field :xmpp_default_rooms, type: :array, default: []
field :xmpp_autojoin_default_rooms, type: :boolean, default: false
field :xmpp_notifications_from_address, type: :string, default: primary_domain
end
end
end

20
app/models/remote_storage_authorization.rb
View File

@@ -2,7 +2,7 @@ class RemoteStorageAuthorization < ApplicationRecord
belongs_to :user belongs_to :user
belongs_to :web_app, class_name: "AppCatalog::WebApp", optional: true belongs_to :web_app, class_name: "AppCatalog::WebApp", optional: true
serialize :permissions unless Rails.env.production? serialize :permissions, coder: YAML unless Rails.env.production?
validates_presence_of :permissions validates_presence_of :permissions
validates_presence_of :client_id validates_presence_of :client_id
@@ -69,11 +69,19 @@ class RemoteStorageAuthorization < ApplicationRecord
end end
def remove_token_expiry_job def remove_token_expiry_job
queue = Sidekiq::Queue.new(RemoteStorageExpireAuthorizationJob.queue_name) job_class = RemoteStorageExpireAuthorizationJob
queue.each do |job| job_args = [id]
next unless job.display_class == "RemoteStorageExpireAuthorizationJob"
job.delete if job.display_args == [id] query = SolidQueue::Job.where(class_name: job_class.to_s)
end
case ActiveRecord::Base.connection.adapter_name.downcase
when /sqlite/
query.where("json_extract(arguments, '$.arguments') = ?", job_args.to_json)
when /postgres/
query.where("arguments->>'arguments' = ?", job_args.to_json)
else
raise "Unsupported database adapter"
end.destroy_all
end end
def find_or_create_web_app def find_or_create_web_app

246
app/models/setting.rb
View File

@@ -2,226 +2,30 @@
class Setting < RailsSettings::Base class Setting < RailsSettings::Base
cache_prefix { "v1" } cache_prefix { "v1" }
field :primary_domain, type: :string, Dir[Rails.root.join('app', 'models', 'concerns', 'settings', '*.rb')].each do |file|
default: ENV["PRIMARY_DOMAIN"].presence require file
field :accounts_domain, type: :string,
default: ENV["AKKOUNTS_DOMAIN"].presence
#
# Internal services
#
field :redis_url, type: :string,
default: ENV["REDIS_URL"] || "redis://localhost:6379/0"
field :s3_enabled, type: :boolean,
default: ENV["S3_ENABLED"] && ENV["S3_ENABLED"].to_s != "false"
#
# Registrations
#
field :reserved_usernames, type: :array, default: %w[
account accounts donations mail webmaster support
]
#
# XMPP
#
field :xmpp_default_rooms, type: :array, default: []
field :xmpp_autojoin_default_rooms, type: :boolean, default: false
field :xmpp_notifications_from_address, type: :string, default: primary_domain
#
# Sentry
#
field :sentry_enabled, type: :boolean, readonly: true,
default: ENV["SENTRY_DSN"].present?
#
# BTCPay Server
#
field :btcpay_api_url, type: :string,
default: ENV["BTCPAY_API_URL"].presence
field :btcpay_enabled, type: :boolean,
default: ENV["BTCPAY_API_URL"].present?
field :btcpay_public_url, type: :string,
default: ENV["BTCPAY_PUBLIC_URL"].presence
field :btcpay_store_id, type: :string,
default: ENV["BTCPAY_STORE_ID"].presence
field :btcpay_auth_token, type: :string,
default: ENV["BTCPAY_AUTH_TOKEN"].presence
field :btcpay_publish_wallet_balances, type: :boolean, default: true
#
# Discourse
#
field :discourse_public_url, type: :string,
default: ENV["DISCOURSE_PUBLIC_URL"].presence
field :discourse_enabled, type: :boolean,
default: ENV["DISCOURSE_PUBLIC_URL"].present?
field :discourse_connect_secret, type: :string,
default: ENV["DISCOURSE_CONNECT_SECRET"].presence
#
# Drone CI
#
field :droneci_public_url, type: :string,
default: ENV["DRONECI_PUBLIC_URL"].presence
field :droneci_enabled, type: :boolean,
default: ENV["DRONECI_PUBLIC_URL"].present?
#
# ejabberd
#
field :ejabberd_enabled, type: :boolean,
default: ENV["EJABBERD_API_URL"].present?
field :ejabberd_api_url, type: :string,
default: ENV["EJABBERD_API_URL"].presence
field :ejabberd_admin_url, type: :string,
default: ENV["EJABBERD_ADMIN_URL"].presence
field :ejabberd_buddy_roster, type: :string,
default: "Buddies"
#
# Gitea
#
field :gitea_public_url, type: :string,
default: ENV["GITEA_PUBLIC_URL"].presence
field :gitea_enabled, type: :boolean,
default: ENV["GITEA_PUBLIC_URL"].present?
#
# Lightning Network
#
field :lndhub_api_url, type: :string,
default: ENV["LNDHUB_API_URL"].presence
field :lndhub_enabled, type: :boolean,
default: ENV["LNDHUB_API_URL"].present?
field :lndhub_admin_token, type: :string,
default: ENV["LNDHUB_ADMIN_TOKEN"].presence
field :lndhub_admin_enabled, type: :boolean,
default: ENV["LNDHUB_ADMIN_UI"] || false
field :lndhub_public_key, type: :string,
default: (ENV["LNDHUB_PUBLIC_KEY"] || "")
field :lndhub_keysend_enabled, type: :boolean,
default: -> { self.lndhub_public_key.present? }
#
# Mastodon
#
field :mastodon_public_url, type: :string,
default: ENV["MASTODON_PUBLIC_URL"].presence
field :mastodon_enabled, type: :boolean,
default: ENV["MASTODON_PUBLIC_URL"].present?
field :mastodon_address_domain, type: :string,
default: ENV["MASTODON_ADDRESS_DOMAIN"].presence || self.primary_domain
#
# MediaWiki
#
field :mediawiki_public_url, type: :string,
default: ENV["MEDIAWIKI_PUBLIC_URL"].presence
field :mediawiki_enabled, type: :boolean,
default: ENV["MEDIAWIKI_PUBLIC_URL"].present?
#
# Nostr
#
field :nostr_enabled, type: :boolean,
default: ENV["NOSTR_PRIVATE_KEY"].present?
field :nostr_private_key, type: :string,
default: ENV["NOSTR_PRIVATE_KEY"].presence
field :nostr_public_key, type: :string,
default: ENV["NOSTR_PUBLIC_KEY"].presence
field :nostr_relay_url, type: :string,
default: ENV["NOSTR_RELAY_URL"].presence
field :nostr_zaps_relay_limit, type: :integer,
default: 12
#
# OpenCollective
#
field :opencollective_enabled, type: :boolean, default: true
#
# RemoteStorage
#
field :remotestorage_enabled, type: :boolean,
default: ENV["RS_STORAGE_URL"].present?
field :rs_storage_url, type: :string,
default: ENV["RS_STORAGE_URL"].presence
field :rs_redis_url, type: :string,
default: ENV["RS_REDIS_URL"] || "redis://localhost:6379/1"
#
# E-Mail Service
#
field :email_enabled, type: :boolean,
default: ENV["EMAIL_SMTP_HOST"].present?
# field :email_smtp_host, type: :string,
# default: ENV["EMAIL_SMTP_HOST"].presence
#
# field :email_smtp_port, type: :string,
# default: ENV["EMAIL_SMTP_PORT"].presence || 587
#
# field :email_smtp_enable_starttls, type: :string,
# default: ENV["EMAIL_SMTP_PORT"].presence || true
#
# field :email_auth_method, type: :string,
# default: ENV["EMAIL_AUTH_METHOD"].presence || "plain"
#
# field :email_imap_host, type: :string,
# default: ENV["EMAIL_IMAP_HOST"].presence
#
# field :email_imap_port, type: :string,
# default: ENV["EMAIL_IMAP_PORT"].presence || 993
def self.default_services
# TODO Make configurable from respective service settings page
%w[ discourse gitea mastodon mediawiki xmpp ]
end end
include Settings::GeneralSettings
include Settings::BtcpaySettings
include Settings::DiscourseSettings
include Settings::DroneCiSettings
include Settings::EjabberdSettings
include Settings::EmailSettings
include Settings::GiteaSettings
include Settings::LightningNetworkSettings
include Settings::MastodonSettings
include Settings::MediaWikiSettings
include Settings::NostrSettings
include Settings::OpenCollectiveSettings
include Settings::RemoteStorageSettings
include Settings::XmppSettings
def self.available_services
known_services = SERVICES[:external].keys
known_services.select {|s| Setting.send "#{s}_enabled?" }
end
field :default_services, type: :array,
default: self.available_services
end end

35
app/models/user.rb
View File

@@ -3,9 +3,10 @@ require 'nostr'
class User < ApplicationRecord class User < ApplicationRecord
include EmailValidatable include EmailValidatable
attr_accessor :display_name
attr_accessor :avatar_new
attr_accessor :current_password attr_accessor :current_password
attr_accessor :avatar_new
attr_accessor :display_name
attr_accessor :pgp_pubkey
serialize :preferences, coder: UserPreferences serialize :preferences, coder: UserPreferences
@@ -51,6 +52,8 @@ class User < ApplicationRecord
validate :acceptable_avatar validate :acceptable_avatar
validate :acceptable_pgp_key_format, if: -> { defined?(@pgp_pubkey) && @pgp_pubkey.present? }
# #
# Scopes # Scopes
# #
@@ -165,6 +168,24 @@ class User < ApplicationRecord
Nostr::PublicKey.new(nostr_pubkey).to_bech32 Nostr::PublicKey.new(nostr_pubkey).to_bech32
end end
def pgp_pubkey
@pgp_pubkey ||= ldap_entry[:pgp_key]
end
def gnupg_key
return nil unless pgp_pubkey.present?
GPGME::Key.import(pgp_pubkey)
GPGME::Key.get(pgp_fpr)
end
def pgp_pubkey_contains_user_address?
gnupg_key.uids.map(&:email).include?(address)
end
def wkd_hash
ZBase32.encode(Digest::SHA1.digest(cn))
end
def avatar def avatar
@avatar_base64 ||= LdapManager::FetchAvatar.call(cn: cn) @avatar_base64 ||= LdapManager::FetchAvatar.call(cn: cn)
end end
@@ -180,14 +201,14 @@ class User < ApplicationRecord
def enable_service(service) def enable_service(service)
current_services = services_enabled current_services = services_enabled
new_services = Array(service).map(&:to_s) new_services = Array(service).map(&:to_s)
services = (current_services + new_services).uniq services = (current_services + new_services).uniq.sort
ldap.replace_attribute(dn, :serviceEnabled, services) ldap.replace_attribute(dn, :serviceEnabled, services)
end end
def disable_service(service) def disable_service(service)
current_services = services_enabled current_services = services_enabled
disabled_services = Array(service).map(&:to_s) disabled_services = Array(service).map(&:to_s)
services = (current_services - disabled_services).uniq services = (current_services - disabled_services).uniq.sort
ldap.replace_attribute(dn, :serviceEnabled, services) ldap.replace_attribute(dn, :serviceEnabled, services)
end end
@@ -214,4 +235,10 @@ class User < ApplicationRecord
errors.add(:avatar, "must be a JPEG or PNG file") errors.add(:avatar, "must be a JPEG or PNG file")
end end
end end
def acceptable_pgp_key_format
unless GPGME::Key.valid?(pgp_pubkey)
errors.add(:pgp_pubkey, 'is not a valid armored PGP public key block')
end
end
end end

54
app/services/create_account.rb
View File

@@ -1,54 +0,0 @@
class CreateAccount < ApplicationService
def initialize(account:)
@username = account[:username]
@domain = account[:ou] || Setting.primary_domain
@email = account[:email]
@password = account[:password]
@invitation = account[:invitation]
@confirmed = account[:confirmed]
end
def call
user = create_user_in_database
add_ldap_document
create_lndhub_account(user) if Setting.lndhub_enabled
if @invitation.present?
update_invitation(user.id)
end
end
private
def create_user_in_database
User.create!(
cn: @username,
ou: @domain,
email: @email,
password: @password,
password_confirmation: @password,
confirmed_at: @confirmed ? DateTime.now : nil
)
end
def update_invitation(user_id)
@invitation.update! invited_user_id: user_id, used_at: DateTime.now
end
def add_ldap_document
hashed_pw = Devise.ldap_auth_password_builder.call(@password)
CreateLdapUserJob.perform_later(
username: @username,
domain: @domain,
email: @email,
hashed_pw: hashed_pw,
confirmed: @confirmed
)
end
def create_lndhub_account(user)
#TODO enable in development when we have a local lndhub (mock?) API
return if Rails.env.development?
CreateLndhubAccountJob.perform_later(user)
end
end

17
app/services/create_invitations.rb
View File

@@ -1,17 +0,0 @@
class CreateInvitations < ApplicationService
def initialize(user:, amount:, notify: true)
@user = user
@amount = amount
@notify = notify
end
def call
@amount.times do
Invitation.create(user: @user)
end
if @notify
NotificationMailer.with(user: @user).new_invitations_available.deliver_later
end
end
end

16
app/services/ldap_manager/update_pgp_key.rb Normal file
View File

@@ -0,0 +1,16 @@
module LdapManager
class UpdatePgpKey < LdapManagerService
def initialize(dn:, pubkey:)
@dn = dn
@pubkey = pubkey
end
def call
if @pubkey.present?
replace_attribute @dn, :pgpKey, @pubkey
else
delete_attribute @dn, :pgpKey
end
end
end
end

7
app/services/ldap_service.rb
View File

@@ -58,7 +58,7 @@ class LdapService < ApplicationService
attributes = %w[ attributes = %w[
dn cn uid mail displayName admin serviceEnabled dn cn uid mail displayName admin serviceEnabled
mailRoutingAddress mailpassword nostrKey mailRoutingAddress mailpassword nostrKey pgpKey
] ]
filter = Net::LDAP::Filter.eq("uid", args[:uid] || "*") filter = Net::LDAP::Filter.eq("uid", args[:uid] || "*")
@@ -73,7 +73,8 @@ class LdapService < ApplicationService
services_enabled: e.try(:serviceEnabled), services_enabled: e.try(:serviceEnabled),
email_maildrop: e.try(:mailRoutingAddress), email_maildrop: e.try(:mailRoutingAddress),
email_password: e.try(:mailpassword), email_password: e.try(:mailpassword),
nostr_key: e.try(:nostrKey) ? e.nostrKey.first : nil nostr_key: e.try(:nostrKey) ? e.nostrKey.first : nil,
pgp_key: e.try(:pgpKey) ? e.pgpKey.first : nil
} }
end end
end end
@@ -101,7 +102,7 @@ class LdapService < ApplicationService
dn = "ou=#{ou},cn=users,#{ldap_suffix}" dn = "ou=#{ou},cn=users,#{ldap_suffix}"
aci = <<-EOS aci = <<-EOS
(target="ldap:///cn=*,ou=#{ou},cn=users,#{ldap_suffix}")(targetattr="cn || sn || uid || userPassword || mail || mailRoutingAddress || serviceEnabled || nostrKey || nsRole || objectClass") (version 3.0; acl "service-#{ou.gsub(".", "-")}-read-search"; allow (read,search) userdn="ldap:///uid=service,ou=#{ou},cn=applications,#{ldap_suffix}";) (target="ldap:///cn=*,ou=#{ou},cn=users,#{ldap_suffix}")(targetattr="cn || sn || uid || userPassword || mail || mailRoutingAddress || serviceEnabled || nostrKey || pgpKey || nsRole || objectClass") (version 3.0; acl "service-#{ou.gsub(".", "-")}-read-search"; allow (read,search) userdn="ldap:///uid=service,ou=#{ou},cn=applications,#{ldap_suffix}";)
EOS EOS
attrs = { attrs = {

56
app/services/user_manager/create_account.rb Normal file
View File

@@ -0,0 +1,56 @@
module UserManager
class CreateAccount < UserManagerService
def initialize(account:)
@username = account[:username]
@domain = account[:ou] || Setting.primary_domain
@email = account[:email]
@password = account[:password]
@invitation = account[:invitation]
@confirmed = account[:confirmed]
end
def call
user = create_user_in_database
add_ldap_document
create_lndhub_account(user) if Setting.lndhub_enabled
if @invitation.present?
update_invitation(user.id)
end
end
private
def create_user_in_database
User.create!(
cn: @username,
ou: @domain,
email: @email,
password: @password,
password_confirmation: @password,
confirmed_at: @confirmed ? DateTime.now : nil
)
end
def update_invitation(user_id)
@invitation.update! invited_user_id: user_id, used_at: DateTime.now
end
def add_ldap_document
hashed_pw = Devise.ldap_auth_password_builder.call(@password)
CreateLdapUserJob.perform_later(
username: @username,
domain: @domain,
email: @email,
hashed_pw: hashed_pw,
confirmed: @confirmed
)
end
def create_lndhub_account(user)
#TODO enable in development when we have a local lndhub (mock?) API
return if Rails.env.development?
CreateLndhubAccountJob.perform_later(user)
end
end
end

19
app/services/user_manager/create_invitations.rb Normal file
View File

@@ -0,0 +1,19 @@
module UserManager
class CreateInvitations < UserManagerService
def initialize(user:, amount:, notify: true)
@user = user
@amount = amount
@notify = notify
end
def call
@amount.times do
Invitation.create(user: @user)
end
if @notify
NotificationMailer.with(user: @user).new_invitations_available.deliver_later
end
end
end
end

19
app/services/user_manager/pgp_encrypt.rb Normal file
View File

@@ -0,0 +1,19 @@
require 'gpgme'
module UserManager
class PgpEncrypt < UserManagerService
def initialize(user:, text:)
@user = user
@text = text
end
def call
crypto = GPGME::Crypto.new
crypto.encrypt(
@text,
recipients: @user.gnupg_key,
always_trust: true
)
end
end
end

24
app/services/user_manager/update_pgp_key.rb Normal file
View File

@@ -0,0 +1,24 @@
module UserManager
class UpdatePgpKey < UserManagerService
def initialize(user:)
@user = user
end
def call
if @user.pgp_pubkey.blank?
@user.update! pgp_fpr: nil
else
result = GPGME::Key.import(@user.pgp_pubkey)
if result.imports.present?
@user.update! pgp_fpr: result.imports.first.fpr
else
# TODO notify Sentry, user
raise "Failed to import OpenPGP pubkey"
end
end
LdapManager::UpdatePgpKey.call(dn: @user.dn, pubkey: @user.pgp_pubkey)
end
end
end

2
app/services/user_manager_service.rb Normal file
View File

@@ -0,0 +1,2 @@
class UserManagerService < ApplicationService
end

32
app/views/admin/settings/registrations/show.html.erb
View File

@@ -9,18 +9,36 @@
<%= render partial: "admin/settings/errors", locals: { errors: @errors } %> <%= render partial: "admin/settings/errors", locals: { errors: @errors } %>
<% end %> <% end %>
<label class="block"> <ul role="list">
<p class="font-bold mb-1">Reserved usernames</p> <%= render FormElements::FieldsetComponent.new(
<p class="text-gray-500"> title: "Reserved usernames",
These usernames cannot be registered as accounts: description: "These usernames cannot be registered as accounts."
</p> ) do %>
<%= f.text_area :reserved_usernames, <%= f.text_area :reserved_usernames,
value: Setting.reserved_usernames.join("\n"), value: Setting.reserved_usernames.join("\n"),
class: "h-44 mb-2" %> class: "h-44 w-60" %>
<p class="text-sm text-gray-500"> <p class="text-sm text-gray-500">
One username per line One username per line
</p> </p>
</label> <% end %>
<li>
<p class="font-bold mb-1">Default services</p>
<p class="text-gray-500">
These services are enabled for new users by default after signup.
</p>
<div class="flex flex-wrap gap-x-6 gap-y-2">
<% Setting.available_services.each do |option| %>
<div class="md:inline-block">
<%= f.check_box :default_services,
{ multiple: true, checked: Setting.default_services.include?(option),
class: "h-4 w-4 rounded border-gray-300 text-blue-600 focus:ring-blue-600 mr-0.5" },
option, nil %>
<%= f.label "default_services_#{option.parameterize}", service_human_name(option) %>
</div>
<% end %>
</div>
</li>
</ul>
</section> </section>
<section> <section>

5
app/views/admin/settings/services/_nostr.html.erb
View File

@@ -19,6 +19,11 @@
title: "Public key", title: "Public key",
description: "The corresponding public key of the accounts service" description: "The corresponding public key of the accounts service"
) %> ) %>
<%= render FormElements::FieldsetResettableSettingComponent.new(
key: :nostr_public_key_primary_domain,
title: "Public key for primary domain (NIP-05)",
description: "(optional) A different pubkey to announce for the _@#{Setting.primary_domain} Nostr address"
) %>
<%= render FormElements::FieldsetResettableSettingComponent.new( <%= render FormElements::FieldsetResettableSettingComponent.new(
key: :nostr_relay_url, key: :nostr_relay_url,
title: "Relay URL", title: "Relay URL",

1
app/views/admin/settings/services/_remotestorage.html.erb
View File

@@ -1,5 +1,4 @@
<h3>RemoteStorage</h3> <h3>RemoteStorage</h3>
<p class="text-red-600 mb-8">Feature currently in development.</p>
<ul role="list"> <ul role="list">
<%= render FormElements::FieldsetToggleComponent.new( <%= render FormElements::FieldsetToggleComponent.new(
form: f, form: f,

44
app/views/admin/users/show.html.erb
View File

@@ -89,13 +89,47 @@
</section> </section>
<section class="sm:flex-1 sm:pt-0"> <section class="sm:flex-1 sm:pt-0">
<h3>LDAP</h3>
<table class="divided">
<tbody>
<tr>
<th>Avatar</th>
<td>
<% if @avatar.present? %> <% if @avatar.present? %>
<h3>LDAP<h3>
<p>
<img src="data:image/jpeg;base64,<%= @avatar %>" class="h-48 w-48" /> <img src="data:image/jpeg;base64,<%= @avatar %>" class="h-48 w-48" />
</p> <% else %>
&mdash;
<% end %> <% end %>
<!-- <h3>Actions</h3> --> </td>
</tr>
<tr>
<th>Display name</th>
<td><%= @user.display_name || "—" %></td>
</tr>
<tr>
<th class="align-top">PGP key</th>
<td class="align-top leading-5">
<% if @user.pgp_pubkey.present? %>
<span class="font-mono" title="<%= @user.pgp_fpr %>">
<% if @user.pgp_pubkey_contains_user_address? %>
<%= link_to wkd_key_url(hashed_username: @user.wkd_hash, l: @user.cn, format: :txt),
class: "ks-text-link", target: "_blank" do %>
<%= "#{@user.pgp_fpr[0, 8]}…#{@user.pgp_fpr[-8..-1]}" %>
<% end %>
<% else %>
<%= "#{@user.pgp_fpr[0, 8]}…#{@user.pgp_fpr[-8..-1]}" %>
<% end %>
</span><br />
<% @user.gnupg_key.uids.each do |uid| %>
<%= uid.uid %><br />
<% end %>
<% else %>
&mdash;
<% end %>
</td>
</tr>
</tbody>
</table>
</section> </section>
</div> </div>
@@ -184,7 +218,7 @@
<td>XMPP (ejabberd)</td> <td>XMPP (ejabberd)</td>
<td> <td>
<%= render FormElements::ToggleComponent.new( <%= render FormElements::ToggleComponent.new(
enabled: @services_enabled.include?("xmpp"), enabled: @services_enabled.include?("ejabberd"),
input_enabled: false input_enabled: false
) %> ) %>
</td> </td>

20
app/views/services/remotestorage/show.html.erb
View File

@@ -15,6 +15,8 @@
In order to connect an app to your storage account, give it your address: In order to connect an app to your storage account, give it your address:
</p> </p>
<p data-controller="clipboard" class="flex gap-1 sm:w-2/5"> <p data-controller="clipboard" class="flex gap-1 sm:w-2/5">
<img src="/img/logos/icon_remotestorage.svg"
class="inline-block h-6 w-6 mr-1 self-center">
<input type="text" id="user_address" class="grow" <input type="text" id="user_address" class="grow"
value=<%= current_user.address %> disabled="disabled" value=<%= current_user.address %> disabled="disabled"
data-clipboard-target="source" /> data-clipboard-target="source" />
@@ -31,6 +33,24 @@
</p> </p>
</section> </section>
<section>
<h3>Compatible Apps</h3>
<p>
Your Storage account is based on a new open standard called
<a href="https://remotestorage.io" target="_blank">
<img src="/img/logos/icon_remotestorage.svg" class="h-4 w-4 inline">
<strong>remoteStorage</strong>
</a>, which is not yet widely supported. Look
for the remoteStorage icon, or check the Sync settings in apps.
</p>
<p>
If you want your favorite apps to support syncing data with your own
Storage account, let the developers know! All relevant information is
available on the <a href="https://remotestorage.io"
target="_blank" class="ks-text-link">remoteStorage website</a>.
</p>
</section>
<section> <section>
<h3>Recommended Apps</h3> <h3>Recommended Apps</h3>
<div data-controller="tabs" <div data-controller="tabs"

29
app/views/settings/_account.html.erb
View File

@@ -1,6 +1,6 @@
<%= tag.section data: { <%= tag.section data: {
controller: "settings--account--email", controller: "settings--account--email",
"settings--account--email-validation-failed-value": @validation_errors.present? "settings--account--email-validation-failed-value": @validation_errors&.[](:email)&.present?
} do %> } do %>
<h3>E-Mail</h3> <h3>E-Mail</h3>
<%= form_for(@user, url: update_email_settings_path, method: "post") do |f| %> <%= form_for(@user, url: update_email_settings_path, method: "post") do |f| %>
@@ -23,7 +23,7 @@
</span> </span>
</button> </button>
</p> </p>
<% if @validation_errors.present? && @validation_errors[:email].present? %> <% if @validation_errors&.[](:email)&.present? %>
<p class="error-msg"><%= @validation_errors[:email].first %></p> <p class="error-msg"><%= @validation_errors[:email].first %></p>
<% end %> <% end %>
<div class="initial-hidden"> <div class="initial-hidden">
@@ -41,10 +41,33 @@
<% end %> <% end %>
<section> <section>
<h3>Password</h3> <h3>Password</h3>
<p class="mb-8">Use the following button to request an email with a password reset link:</p> <p class="mb-6">Use the following button to request an email with a password reset link:</p>
<%= form_with(url: reset_password_settings_path, method: :post) do %> <%= form_with(url: reset_password_settings_path, method: :post) do %>
<p> <p>
<%= submit_tag("Send me a password reset link", class: 'btn-md btn-gray w-full sm:w-auto') %> <%= submit_tag("Send me a password reset link", class: 'btn-md btn-gray w-full sm:w-auto') %>
</p> </p>
<% end %> <% end %>
</section> </section>
<%= form_for(@user, url: setting_path(:account), html: { :method => :put }) do |f| %>
<section class="!pt-8 sm:!pt-12">
<h3>OpenPGP</h3>
<ul role="list">
<%= render FormElements::FieldsetComponent.new(
title: "Public key",
description: "Your OpenPGP public key in ASCII Armor format"
) do %>
<%= f.text_area :pgp_pubkey,
value: @user.pgp_pubkey,
class: "h-24 w-full" %>
<% if @validation_errors&.[](:pgp_pubkey)&.present? %>
<p class="error-msg">This <%= @validation_errors[:pgp_pubkey].first %></p>
<% end %>
<% end %>
</ul>
</section>
<section>
<p class="pt-6 border-t border-gray-200 text-right">
<%= f.submit 'Save', class: "btn-md btn-blue w-full md:w-auto" %>
</p>
</section>
<% end %>

2
app/views/settings/_email.html.erb
View File

@@ -5,7 +5,7 @@
<h3>E-Mail Password</h3> <h3>E-Mail Password</h3>
<%= form_for(@user, url: reset_email_password_settings_path, method: "post") do |f| %> <%= form_for(@user, url: reset_email_password_settings_path, method: "post") do |f| %>
<%= hidden_field_tag :section, "email" %> <%= hidden_field_tag :section, "email" %>
<p class="mb-8"> <p class="mb-6">
Use the following button to generate a new email password: Use the following button to generate a new email password:
</p> </p>
<p class="hidden initial-visible"> <p class="hidden initial-visible">

6
bin/jobs Executable file
View File

@@ -0,0 +1,6 @@
#!/usr/bin/env ruby
require_relative "../config/environment"
require "solid_queue/cli"
SolidQueue::Cli.start(ARGV)

11
bin/rails
View File

@@ -1,9 +1,4 @@
#!/usr/bin/env ruby #!/usr/bin/env ruby
begin APP_PATH = File.expand_path("../config/application", __dir__)
load File.expand_path('../spring', __FILE__) require_relative "../config/boot"
rescue LoadError => e require "rails/commands"
raise unless e.message.include?('spring')
end
APP_PATH = File.expand_path('../config/application', __dir__)
require_relative '../config/boot'
require 'rails/commands'

9
bin/rake
View File

@@ -1,9 +1,4 @@
#!/usr/bin/env ruby #!/usr/bin/env ruby
begin require_relative "../config/boot"
load File.expand_path('../spring', __FILE__) require "rake"
rescue LoadError => e
raise unless e.message.include?('spring')
end
require_relative '../config/boot'
require 'rake'
Rake.application.run Rake.application.run

8
bin/rubocop Executable file
View File

@@ -0,0 +1,8 @@
#!/usr/bin/env ruby
require "rubygems"
require "bundler/setup"
# explicit rubocop config increases performance slightly while avoiding config confusion.
ARGV.unshift("--config", File.expand_path("../.rubocop.yml", __dir__))
load Gem.bin_path("rubocop", "rubocop")

34
bin/setup
View File

@@ -1,36 +1,34 @@
#!/usr/bin/env ruby #!/usr/bin/env ruby
require 'fileutils' require "fileutils"
# path to your application root. APP_ROOT = File.expand_path("..", __dir__)
APP_ROOT = File.expand_path('..', __dir__)
def system!(*args) def system!(*args)
system(*args) || abort("\n== Command #{args} failed ==") system(*args, exception: true)
end end
FileUtils.chdir APP_ROOT do FileUtils.chdir APP_ROOT do
# This script is a way to setup or update your development environment automatically. # This script is a way to set up or update your development environment automatically.
# This script is idempotent, so that you can run it at anytime and get an expectable outcome. # This script is idempotent, so that you can run it at any time and get an expectable outcome.
# Add necessary setup steps to this file. # Add necessary setup steps to this file.
puts '== Installing dependencies ==' puts "== Installing dependencies =="
system! 'gem install bundler --conservative' system("bundle check") || system!("bundle install")
system('bundle check') || system!('bundle install')
# Install JavaScript dependencies
# system('bin/yarn')
# puts "\n== Copying sample files ==" # puts "\n== Copying sample files =="
# unless File.exist?('config/database.yml') # unless File.exist?("config/database.yml")
# FileUtils.cp 'config/database.yml.sample', 'config/database.yml' # FileUtils.cp "config/database.yml.sample", "config/database.yml"
# end # end
puts "\n== Preparing database ==" puts "\n== Preparing database =="
system! 'bin/rails db:prepare' system! "bin/rails db:prepare"
puts "\n== Removing old logs and tempfiles ==" puts "\n== Removing old logs and tempfiles =="
system! 'bin/rails log:clear tmp:clear' system! "bin/rails log:clear tmp:clear"
puts "\n== Restarting application server ==" unless ARGV.include?("--skip-server")
system! 'bin/rails restart' puts "\n== Starting development server =="
STDOUT.flush # flush the output before exec(2) so that it displays
exec "bin/dev"
end
end end

28
config/application.rb
View File

@@ -1,4 +1,4 @@
require_relative 'boot' require_relative "boot"
require "rails" require "rails"
# Pick the frameworks you want: # Pick the frameworks you want:
@@ -12,7 +12,6 @@ require "action_mailbox/engine"
# require "action_text/engine" # require "action_text/engine"
require "action_view/railtie" require "action_view/railtie"
require "action_cable/engine" require "action_cable/engine"
require "sprockets/railtie"
# require "rails/test_unit/railtie" # require "rails/test_unit/railtie"
# Require the gems listed in Gemfile, including any gems # Require the gems listed in Gemfile, including any gems
@@ -22,12 +21,20 @@ Bundler.require(*Rails.groups)
module Akkounts module Akkounts
class Application < Rails::Application class Application < Rails::Application
# Initialize configuration defaults for originally generated Rails version. # Initialize configuration defaults for originally generated Rails version.
config.load_defaults 7.0 config.load_defaults 8.0
# Settings in config/environments/* take precedence over those specified here. # Please, add to the `ignore` list any other `lib` subdirectories that do
# Application configuration can go into files in config/initializers # not contain `.rb` files, or that should not be reloaded or eager loaded.
# -- all .rb files in that directory are automatically loaded after loading # Common ones are `templates`, `generators`, or `middleware`, for example.
# the framework and any gems in your application. config.autoload_lib(ignore: %w[assets tasks])
# Configuration for the application, engines, and railties goes here.
#
# These settings can be overridden in specific environments using the files
# in config/environments, which are processed later.
#
# config.time_zone = "Central Time (US & Canada)"
# config.eager_load_paths << Rails.root.join("extras")
# Don't generate system test files. # Don't generate system test files.
config.generators.system_tests = nil config.generators.system_tests = nil
@@ -40,7 +47,12 @@ module Akkounts
g.stylesheets false g.stylesheets false
end end
config.active_job.queue_adapter = :sidekiq config.active_job.queue_adapter = :solid_queue
config.mission_control.jobs.http_basic_auth_enabled = false
config.action_mailer.deliver_later_queue_name = nil # use "default" queue config.action_mailer.deliver_later_queue_name = nil # use "default" queue
# The default includes webp, which requires webp support everywhere
config.active_storage.web_image_content_types = %w[image/png image/jpeg image/gif]
end end
end end

2
config/credentials.yml.enc
View File

@@ -1 +1 @@
tmI5vm7qZhaigr52jEBVWkRdj+EE+9OmPh3vWXC7kA/OHuuucpr7SodychuMkQDPLM0BLk88LFsqvRIR+mqnLWpRC+P9aeUFE6ohxSWzcAd7Y4sgxUD8zpCRPndrwTw0hxXXj1WZSYeWn4BoAB34aV+gYen2MajZF3a95hJGtS5yjgWxvLVkQQKqRDfykkfX6fCS0BPo5X7sT7m4xwCATD/D4219wajm5W3TIdkriHtwt28ZLspaRWA5e0UkzKf8+/Gaj2CrW7UWcvew8R93zQ5RA2/Sp3sDTVN+kLz9I9Q095lQC0ywCAEFYHeKmc2tjrzqRaAAWu06xmWLqGIg21G+A/UU9lUJOkIpxQACWoOfS2IoXR1nXhgXMopkz3aCBXDxKw554v4H2QyOceOsuRf2C685ibMqzQkKMmJ4tcbiOJL77DUc08JTjB8Dq4Ohr8sMzXbV/hATevjYoRP0XarLekqhLv90ZLuIVY16DwB0CzACeNBKeKbeLqJF51upRRWgi+gTbYpV04yUwnXdyssF8mydWocgihrTryBi8F6PsuhBGcaYdP+0yibnGxDCC4x2rupbBfMj2OIX7pYzgtIHB3Eo954Y+bCoggqbE/Qrb9VVXNMgtKgLt8EGWU2tg6wl9QicitIq87uLDAade93zTn6rmcKPywjMDo6jbVIs653ZdUhiKdHGdpnJccbgQ/iLSPB1umNnCeaEX5jM+K9zBvl7ZMCdSk1YIQ==--ekKumqLiSlVJNwMe--K/ecXmmMT1x+WnIXMbHBDw== zaTF2ZJaU/M9CYmXEJoDmS1oniSV/1YT0UnM1jysEhMknn3bYOzRBZM3eGJ5Mr6bJYz6cv5hSDL5pT0/6hqgpV04dc/fVDplWO4eEpD1kBFM3LjIPCe9REbRlRUwODpoV/y6wWOFme8nFMS9uOSFkL6RtMuQli0os5Rp+2Jal2lJwAujFjFwuuj+1iRzqc3pzeIIy0clPmR9ANxXS+rPL3jmxty6QzVMr9Q658roVD38yRg0CNgs09eZ/FvqeqXlQkwDfg2/zX9tg5ocGwvHzmicZJ/yU6kl6liqNAJvEDrolm0gSzemY8NfhCySd5wjEvpP+uvKxbd5M3rhagC8S9MmpmxewuOKbDFEyTSRO6Kp2yakdcLSn12ZPB+X0nlMRno+UEzh0EvcX2mxRXppIKrsRUGVeYmj4GMI0vyLW1eCuyPLueN7sOnSjhtM84URNWkSnb0LTxlYxOJGbnwzn85QVpFdXtDktbaXvMWcVdH9XdMDbaBs1G7BIA6Z8i+mxLVVEbQWQM6VBrUhpkpWfphLmN5b16LYbGTzdKnR0iPcsNr8Tsl8vYfeWH8S0ujD105lS39v37YimN6E5l4X2CrqG+DNBtKfbqC0E3lhZMqDRWetxzaxE47oe4g=--0EKrvwe2YTfsbssz--SbmUH0sMiy5uUhpxFImgMA==

54
config/database.yml
View File

@@ -1,21 +1,37 @@
default: &default default: &default
adapter: sqlite3 adapter: <%= ENV["DB_ADAPTER"] || "sqlite3" %>
pool: <%= ENV["DB_POOL"] || ENV['MAX_THREADS'] || 5 %> pool: <%= ENV["DB_POOL"] || ENV['MAX_THREADS'] || 5 %>
timeout: 5000 timeout: 5000
<% if ENV["DB_ADAPTER"] == "postgresql" %>
host: <%= ENV["PG_HOST"] || 'localhost' %>
port: <%= ENV["PG_PORT"] || 5432 %>
username: <%= ENV["PG_USERNAME"] || 'akkounts' %>
password: <%= ENV["PG_PASSWORD"] %>
<% end %>
development: <% if ENV["LNDHUB_PG_HOST"].present? %>
primary: lndhub: &lndhub
<<: *default
database: db/development.sqlite3
lndhub:
<<: *default
adapter: postgresql adapter: postgresql
database_tasks: false database_tasks: false
host: <%= ENV["LNDHUB_PG_HOST"] || 'localhost' %> host: <%= ENV["LNDHUB_PG_HOST"] %>
port: <%= ENV["LNDHUB_PG_PORT"] || 5432 %> port: <%= ENV["LNDHUB_PG_PORT"] || 5432 %>
database: <%= ENV["LNDHUB_PG_DATABASE"] || 'lndhub' %> database: <%= ENV["LNDHUB_PG_DATABASE"] || 'lndhub' %>
username: <%= ENV["LNDHUB_PG_USERNAME"] || 'lndhub' %> username: <%= ENV["LNDHUB_PG_USERNAME"] || 'lndhub' %>
password: <%= ENV["LNDHUB_PG_PASSWORD"] %> password: <%= ENV["LNDHUB_PG_PASSWORD"] %>
<% end %>
development:
primary:
<<: *default
database: <%= ENV["DB_ADAPTER"] == "postgresql" ? ENV["PG_DATABASE"] : "db/development.sqlite3" %>
queue:
<<: *default
database: <%= ENV["DB_ADAPTER"] == "postgresql" ? ENV["PG_DATABASE_QUEUE"] : "db/development_queue.sqlite3" %>
migrations_paths: db/queue_migrate
<% if ENV["LNDHUB_PG_HOST"].present? %>
lndhub:
<<: *lndhub
<% end %>
# Warning: The database defined as "test" will be erased and # Warning: The database defined as "test" will be erased and
# re-generated from your development database when you run "rake". # re-generated from your development database when you run "rake".
@@ -32,18 +48,12 @@ test:
production: production:
primary: primary:
<<: *default <<: *default
adapter: postgresql database: <%= ENV["DB_ADAPTER"] == "postgresql" ? ENV["PG_DATABASE"] : "db/production.sqlite3" %>
database: akkounts queue:
port: 5432
host: <%= Rails.application.credentials.postgres[:host] rescue nil %>
username: <%= Rails.application.credentials.postgres[:username] rescue nil %>
password: <%= Rails.application.credentials.postgres[:password] rescue nil %>
lndhub:
<<: *default <<: *default
adapter: postgresql database: <%= ENV["DB_ADAPTER"] == "postgresql" ? ENV["PG_DATABASE_QUEUE"] : "db/production_queue.sqlite3" %>
database_tasks: false migrations_paths: db/queue_migrate
host: <%= ENV["LNDHUB_PG_HOST"] || 'localhost' %> <% if ENV["LNDHUB_PG_HOST"].present? %>
port: <%= ENV["LNDHUB_PG_PORT"] || 5432 %> lndhub:
database: <%= ENV["LNDHUB_PG_DATABASE"] || 'lndhub' %> <<: *lndhub
username: <%= ENV["LNDHUB_PG_USERNAME"] || 'lndhub' %> <% end %>
password: <%= ENV["LNDHUB_PG_PASSWORD"] %>

2
config/environment.rb
View File

@@ -1,5 +1,5 @@
# Load the Rails application. # Load the Rails application.
require_relative 'application' require_relative "application"
# Initialize the Rails application. # Initialize the Rails application.
Rails.application.initialize! Rails.application.initialize!

74
config/environments/development.rb
View File

@@ -1,10 +1,10 @@
require "active_support/core_ext/integer/time"
Rails.application.configure do Rails.application.configure do
# Settings specified here will take precedence over those in config/application.rb. # Settings specified here will take precedence over those in config/application.rb.
# In the development environment your application's code is reloaded on # Make code changes take effect immediately without server restart.
# every request. This slows down response time but is perfect for development config.enable_reloading = true
# since you don't have to restart the web server when you make code changes.
config.cache_classes = false
# Do not eager load code on boot. # Do not eager load code on boot.
config.eager_load = false config.eager_load = false
@@ -12,16 +12,15 @@ Rails.application.configure do
# Show full error reports. # Show full error reports.
config.consider_all_requests_local = true config.consider_all_requests_local = true
# Enable/disable caching. By default caching is disabled. # Enable server timing.
# Run rails dev:cache to toggle caching. config.server_timing = true
if Rails.root.join('tmp', 'caching-dev.txt').exist?
# Enable/disable Action Controller caching. By default Action Controller caching is disabled.
# Run rails dev:cache to toggle Action Controller caching.
if Rails.root.join("tmp/caching-dev.txt").exist?
config.action_controller.perform_caching = true config.action_controller.perform_caching = true
config.action_controller.enable_fragment_cache_logging = true config.action_controller.enable_fragment_cache_logging = true
config.public_file_server.headers = { "cache-control" => "public, max-age=#{2.days.to_i}" }
config.cache_store = :memory_store
config.public_file_server.headers = {
'Cache-Control' => "public, max-age=#{2.days.to_i}"
}
else else
config.action_controller.perform_caching = false config.action_controller.perform_caching = false
@@ -31,42 +30,63 @@ Rails.application.configure do
# Don't care if the mailer can't send. # Don't care if the mailer can't send.
config.action_mailer.raise_delivery_errors = false config.action_mailer.raise_delivery_errors = false
# Make template changes take effect immediately.
config.action_mailer.perform_caching = false config.action_mailer.perform_caching = false
# Print deprecation notices to the Rails logger. # Print deprecation notices to the Rails logger.
config.active_support.deprecation = :log config.active_support.deprecation = :log
# Raise exceptions for disallowed deprecations.
config.active_support.disallowed_deprecation = :raise
# Tell Active Support which deprecation messages to disallow.
config.active_support.disallowed_deprecation_warnings = []
# Raise an error on page load if there are pending migrations. # Raise an error on page load if there are pending migrations.
config.active_record.migration_error = :page_load config.active_record.migration_error = :page_load
# Highlight code that triggered database queries in logs. # Highlight code that triggered database queries in logs.
config.active_record.verbose_query_logs = true config.active_record.verbose_query_logs = true
# Debug mode disables concatenation and preprocessing of assets. # Append comments with runtime information tags to SQL queries in logs.
# This option may cause significant delays in view rendering with a large config.active_record.query_log_tags_enabled = true
# number of complex assets.
config.assets.debug = true # Highlight code that enqueued background job in logs.
config.active_job.verbose_enqueue_logs = true
# Solid Queue database
config.solid_queue.connects_to = { database: { writing: :queue } }
# Suppress logger output for asset requests. # Suppress logger output for asset requests.
config.assets.quiet = true # config.assets.quiet = true
# Raises error for missing translations. # Raises error for missing translations.
# config.action_view.raise_on_missing_translations = true # config.i18n.raise_on_missing_translations = true
# Use an evented file watcher to asynchronously detect changes in source code, # Annotate rendered view with file names.
# routes, locales, etc. This feature depends on the listen gem. config.action_view.annotate_rendered_view_with_filenames = true
config.file_watcher = ActiveSupport::EventedFileUpdateChecker
config.action_mailer.default_options = {
from: "accounts@localhost"
}
# Don't actually send emails, cache them for viewing via letter opener # Don't actually send emails, cache them for viewing via letter opener
config.action_mailer.delivery_method = :letter_opener config.action_mailer.delivery_method = :letter_opener
# Don't care if the mailer can't send # Uncomment if you wish to allow Action Cable access from any origin.
# config.action_cable.disable_request_forgery_protection = true
# Raise error when a before_action's only/except options reference missing actions.
config.action_controller.raise_on_missing_callback_actions = true
# Notice if the mailer can't send
config.action_mailer.raise_delivery_errors = true config.action_mailer.raise_delivery_errors = true
# Base URL to be used by email template link helpers # Base URL to be used by email template link helpers
config.action_mailer.default_url_options = { host: "localhost:3000", protocol: "http" } config.action_mailer.default_url_options = {
host: "localhost:3000", # TODO port: 3000
protocol: "http"
}
config.action_mailer.default_options = {
from: "accounts@localhost",
message_id: -> { "<#{Mail.random_tag}@localhost>" },
}
# Allow requests from any IP # Allow requests from any IP
config.web_console.permissions = '0.0.0.0/0' config.web_console.permissions = '0.0.0.0/0'

109
config/environments/production.rb
View File

@@ -1,61 +1,61 @@
require "active_support/core_ext/integer/time"
Rails.application.configure do Rails.application.configure do
# Settings specified here will take precedence over those in config/application.rb. # Settings specified here will take precedence over those in config/application.rb.
# Code is not reloaded between requests. # Code is not reloaded between requests.
config.cache_classes = true config.enable_reloading = false
# Eager load code on boot. This eager loads most of Rails and # Eager load code on boot for better performance and memory savings (ignored by Rake tasks).
# your application in memory, allowing both threaded web servers
# and those relying on copy on write to perform better.
# Rake tasks automatically ignore this option for performance.
config.eager_load = true config.eager_load = true
# Full error reports are disabled and caching is turned on. # Full error reports are disabled.
config.consider_all_requests_local = false config.consider_all_requests_local = false
config.action_controller.perform_caching = true
# Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
# or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
# config.require_master_key = true
# Disable serving static files from the `/public` folder by default since # Disable serving static files from the `/public` folder by default since
# Apache or NGINX already handles this. # Apache or NGINX already handles this.
config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
# Compress CSS using a preprocessor. # Turn on fragment caching in view templates.
# config.assets.css_compressor = :sass config.action_controller.perform_caching = true
# Do not fallback to assets pipeline if a precompiled asset is missed. # Do not fallback to assets pipeline if a precompiled asset is missed.
config.assets.compile = false config.assets.compile = false
# Cache assets for far-future expiry since they are all digest stamped.
config.public_file_server.headers = { "cache-control" => "public, max-age=#{1.year.to_i}" }
# Enable serving of images, stylesheets, and JavaScripts from an asset server. # Enable serving of images, stylesheets, and JavaScripts from an asset server.
# config.action_controller.asset_host = 'http://assets.example.com' # config.asset_host = "http://assets.example.com"
# Specifies the header that your server uses for sending files.
# config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
# Mount Action Cable outside main process or domain. # Assume all access to the app is happening through a SSL-terminating reverse proxy.
# config.action_cable.mount_path = nil # config.assume_ssl = true
# config.action_cable.url = 'wss://example.com/cable'
# config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
# config.force_ssl = true # config.force_ssl = true
# Use the lowest log level to ensure availability of diagnostic information # Skip http-to-https redirect for the default health check endpoint.
# when problems arise. # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } }
config.log_level = :debug
# Prepend all log lines with the following tags. # Log to STDOUT with the current request id as a default log tag.
config.log_tags = [ :request_id ] config.log_tags = [ :request_id ]
config.logger = ActiveSupport::TaggedLogging.logger(STDOUT)
# Use a different cache store in production. # Change to "debug" to log everything (including potentially personally-identifiable information!)
config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info")
# Prevent health checks from clogging up the logs.
config.silence_healthcheck_path = "/up"
# Don't log any deprecations.
config.active_support.report_deprecations = false
# Replace the default in-process memory cache store with a durable alternative.
# config.cache_store = :mem_cache_store # config.cache_store = :mem_cache_store
# Use a real queuing backend for Active Job (and separate queues per environment). # Solid Queue database
# config.active_job.queue_adapter = :resque config.solid_queue.connects_to = { database: { writing: :queue } }
# config.active_job.queue_name_prefix = "akkounts_production"
# E-mail settings, adapted from https://github.com/mastodon/mastodon # E-mail settings, adapted from https://github.com/mastodon/mastodon
@@ -63,7 +63,7 @@ Rails.application.configure do
outgoing_email_domain = Mail::Address.new(outgoing_email_address).domain outgoing_email_domain = Mail::Address.new(outgoing_email_address).domain
config.action_mailer.default_url_options = { config.action_mailer.default_url_options = {
host: ENV['AKKOUNTS_DOMAIN'], host: ENV.fetch('AKKOUNTS_DOMAIN'),
protocol: "https", protocol: "https",
} }
@@ -106,6 +106,10 @@ Rails.application.configure do
config.action_mailer.delivery_method = ENV.fetch('SMTP_DELIVERY_METHOD', 'smtp').to_sym config.action_mailer.delivery_method = ENV.fetch('SMTP_DELIVERY_METHOD', 'smtp').to_sym
# Disable caching for Action Mailer templates even if Action Controller
# caching is enabled.
config.action_mailer.perform_caching = false
# Ignore bad email addresses and do not raise email delivery errors. # Ignore bad email addresses and do not raise email delivery errors.
# Set this to true and configure the email server for immediate delivery to raise delivery errors. # Set this to true and configure the email server for immediate delivery to raise delivery errors.
config.action_mailer.raise_delivery_errors = true config.action_mailer.raise_delivery_errors = true
@@ -120,43 +124,18 @@ Rails.application.configure do
# the I18n.default_locale when a translation cannot be found). # the I18n.default_locale when a translation cannot be found).
config.i18n.fallbacks = true config.i18n.fallbacks = true
# Send deprecation notices to registered listeners.
config.active_support.deprecation = :notify
# Use default logging formatter so that PID and timestamp are not suppressed.
config.log_formatter = ::Logger::Formatter.new
# Use a different logger for distributed setups.
# require 'syslog/logger'
# config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
if ENV["RAILS_LOG_TO_STDOUT"].present?
logger = ActiveSupport::Logger.new(STDOUT)
logger.formatter = config.log_formatter
config.logger = ActiveSupport::TaggedLogging.new(logger)
end
# Do not dump schema after migrations. # Do not dump schema after migrations.
config.active_record.dump_schema_after_migration = false config.active_record.dump_schema_after_migration = false
# Inserts middleware to perform automatic connection switching. # Only use :id for inspections in production.
# The `database_selector` hash is used to pass options to the DatabaseSelector config.active_record.attributes_for_inspect = [ :id ]
# middleware. The `delay` is used to determine how long to wait after a write
# to send a subsequent read to the primary. # Enable DNS rebinding protection and other `Host` header attacks.
# config.hosts = [
# "example.com", # Allow requests from example.com
# /.*\.example\.com/ # Allow requests from subdomains like `www.example.com`
# ]
# #
# The `database_resolver` class is used by the middleware to determine which # Skip DNS rebinding protection for the default health check endpoint.
# database is appropriate to use based on the time delay. # config.host_authorization = { exclude: ->(request) { request.path == "/up" } }
#
# The `database_resolver_context` class is used by the middleware to set
# timestamps for the last write to the primary. The resolver uses the context
# class timestamps to determine how long to wait before reading from the
# replica.
#
# By default Rails will store a last write timestamp in the session. The
# DatabaseSelector middleware is designed as such you can define your own
# strategy for connection switching and pass that into the middleware through
# these configuration options.
# config.active_record.database_selector = { delay: 2.seconds }
# config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver
# config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session
end end

51
config/environments/test.rb
View File

@@ -6,31 +6,33 @@
Rails.application.configure do Rails.application.configure do
# Settings specified here will take precedence over those in config/application.rb. # Settings specified here will take precedence over those in config/application.rb.
config.cache_classes = false # While tests run files are not watched, reloading is not necessary.
config.action_view.cache_template_loading = true config.enable_reloading = false
# Do not eager load code on boot. This avoids loading your whole application # Eager loading loads your entire application. When running a single test locally,
# just for the purpose of running a single test. If you are using a tool that # this is usually not necessary, and can slow down your test suite. However, it's
# preloads Rails for running tests, you may have to set it to true. # recommended that you enable it in continuous integration systems to ensure eager
config.eager_load = false # loading is working properly before deploying your code.
config.eager_load = ENV["CI"].present?
# Configure public file server for tests with Cache-Control for performance. # Configure public file server for tests with cache-control for performance.
config.public_file_server.enabled = true config.public_file_server.headers = { "cache-control" => "public, max-age=3600" }
config.public_file_server.headers = {
'Cache-Control' => "public, max-age=#{1.hour.to_i}"
}
# Show full error reports and disable caching. # Show full error reports.
config.consider_all_requests_local = true config.consider_all_requests_local = true
config.action_controller.perform_caching = false config.action_controller.perform_caching = false
config.cache_store = :null_store config.cache_store = :null_store
# Raise exceptions instead of rendering exception templates. # Render exception templates for rescuable exceptions and raise for other exceptions.
config.action_dispatch.show_exceptions = :none config.action_dispatch.show_exceptions = :rescuable
# Disable request forgery protection in test environment. # Disable request forgery protection in test environment.
config.action_controller.allow_forgery_protection = false config.action_controller.allow_forgery_protection = false
config.active_job.queue_adapter = :test
# Disable caching for Action Mailer templates even if Action Controller
# caching is enabled.
config.action_mailer.perform_caching = false config.action_mailer.perform_caching = false
# Tell Action Mailer not to deliver emails to the real world. # Tell Action Mailer not to deliver emails to the real world.
@@ -38,23 +40,28 @@ Rails.application.configure do
# ActionMailer::Base.deliveries array. # ActionMailer::Base.deliveries array.
config.action_mailer.delivery_method = :test config.action_mailer.delivery_method = :test
# Print deprecation notices to the stderr. config.action_mailer.default_options = {
config.active_support.deprecation = :stderr from: "accounts@kosmos.org",
message_id: -> { "<#{Mail.random_tag}@kosmos.org>" },
# Raises error for missing translations. }
# config.action_view.raise_on_missing_translations = true
config.action_mailer.default_url_options = { config.action_mailer.default_url_options = {
host: "accounts.kosmos.org", host: "accounts.kosmos.org",
protocol: "https", protocol: "https"
from: "accounts@kosmos.org"
} }
config.active_job.queue_adapter = :test # Raises error for missing translations.
# config.i18n.raise_on_missing_translations = true
# Annotate rendered view with file names.
# config.action_view.annotate_rendered_view_with_filenames = true
if ENV["S3_ENABLED"] && ENV["S3_ENABLED"].to_s != "false" if ENV["S3_ENABLED"] && ENV["S3_ENABLED"].to_s != "false"
config.active_storage.service = :s3 config.active_storage.service = :s3
else else
config.active_storage.service = :local config.active_storage.service = :local
end end
# Raise error when a before_action's only/except options reference missing actions.
config.action_controller.raise_on_missing_callback_actions = true
end end

7
config/initializers/assets.rb
View File

@@ -1,14 +1,9 @@
# Be sure to restart your server when you modify this file. # Be sure to restart your server when you modify this file.
# Version of your assets, change this if you want to expire all your assets. # Version of your assets, change this if you want to expire all your assets.
Rails.application.config.assets.version = '1.0' Rails.application.config.assets.version = "1.0"
# Add additional assets to the asset load path. # Add additional assets to the asset load path.
# Rails.application.config.assets.paths << Emoji.images_path # Rails.application.config.assets.paths << Emoji.images_path
# Add Yarn node_modules folder to the asset load path. # Add Yarn node_modules folder to the asset load path.
Rails.application.config.assets.paths << Rails.root.join('node_modules') Rails.application.config.assets.paths << Rails.root.join('node_modules')
# Precompile additional assets.
# application.js, application.css, and all non-JS/CSS in the app/assets
# folder are already added.
# Rails.application.config.assets.precompile += %w( admin.js admin.css )

31
config/initializers/content_security_policy.rb
View File

@@ -1,30 +1,25 @@
# Be sure to restart your server when you modify this file. # Be sure to restart your server when you modify this file.
# Define an application-wide content security policy # Define an application-wide content security policy.
# For further information see the following documentation # See the Securing Rails Applications Guide for more information:
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy # https://guides.rubyonrails.org/security.html#content-security-policy-header
# Rails.application.config.content_security_policy do |policy| # Rails.application.configure do
# config.content_security_policy do |policy|
# policy.default_src :self, :https # policy.default_src :self, :https
# policy.font_src :self, :https, :data # policy.font_src :self, :https, :data
# policy.img_src :self, :https, :data # policy.img_src :self, :https, :data
# policy.object_src :none # policy.object_src :none
# policy.script_src :self, :https # policy.script_src :self, :https
# policy.style_src :self, :https # policy.style_src :self, :https
# # If you are using webpack-dev-server then specify webpack-dev-server host
# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development?
# # Specify URI for violation reports # # Specify URI for violation reports
# # policy.report_uri "/csp-violation-report-endpoint" # # policy.report_uri "/csp-violation-report-endpoint"
# end # end
#
# If you are using UJS then enable automatic nonce generation # # Generate session nonces for permitted importmap, inline scripts, and inline styles.
# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) } # config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
# config.content_security_policy_nonce_directives = %w(script-src style-src)
# Set the nonce only to specific directives #
# Rails.application.config.content_security_policy_nonce_directives = %w(script-src) # # Report violations without enforcing the policy.
# # config.content_security_policy_report_only = true
# Report CSP violations to a specified URI # end
# For further information see the following documentation:
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
# Rails.application.config.content_security_policy_report_only = true

11
config/initializers/devise_rails8_patch.rb Normal file
View File

@@ -0,0 +1,11 @@
# See https://alvincrespo.hashnode.dev/rails-8s-lazy-route-loading-devise
# TODO remove when Devise is fixed
require 'devise'
Devise # make sure it's already loaded
module Devise
def self.mappings
Rails.application.try(:reload_routes_unless_loaded)
@@mappings
end
end

8
config/initializers/filter_parameter_logging.rb
View File

@@ -1,4 +1,8 @@
# Be sure to restart your server when you modify this file. # Be sure to restart your server when you modify this file.
# Configure sensitive parameters which will be filtered from the log file. # Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file.
Rails.application.config.filter_parameters += [:password] # Use this to limit dissemination of sensitive information.
# See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors.
Rails.application.config.filter_parameters += [
:password, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
]

8
config/initializers/inflections.rb
View File

@@ -4,13 +4,13 @@
# are locale specific, and you may define rules for as many different # are locale specific, and you may define rules for as many different
# locales as you wish. All of these examples are active by default: # locales as you wish. All of these examples are active by default:
# ActiveSupport::Inflector.inflections(:en) do |inflect| # ActiveSupport::Inflector.inflections(:en) do |inflect|
# inflect.plural /^(ox)$/i, '\1en' # inflect.plural /^(ox)$/i, "\\1en"
# inflect.singular /^(ox)en/i, '\1' # inflect.singular /^(ox)en/i, "\\1"
# inflect.irregular 'person', 'people' # inflect.irregular "person", "people"
# inflect.uncountable %w( fish sheep ) # inflect.uncountable %w( fish sheep )
# end # end
# These inflection rules are supported but not enabled by default: # These inflection rules are supported but not enabled by default:
# ActiveSupport::Inflector.inflections(:en) do |inflect| # ActiveSupport::Inflector.inflections(:en) do |inflect|
# inflect.acronym 'RESTful' # inflect.acronym "RESTful"
# end # end

1
config/initializers/mailer_host.rb
View File

@@ -1 +0,0 @@
Rails.application.routes.default_url_options[:host] = ENV['APP_DOMAIN']

13
config/initializers/permissions_policy.rb Normal file
View File

@@ -0,0 +1,13 @@
# Be sure to restart your server when you modify this file.
# Define an application-wide HTTP permissions policy. For further
# information see: https://developers.google.com/web/updates/2018/06/feature-policy
# Rails.application.config.permissions_policy do |policy|
# policy.camera :none
# policy.gyroscope :none
# policy.microphone :none
# policy.usb :none
# policy.fullscreen :self
# policy.payment :self, "https://secure.example.com"
# end

2
config/initializers/service_details.rb Normal file
View File

@@ -0,0 +1,2 @@
config_path = Rails.root.join('config', 'services.yml')
SERVICES = YAML.load_file(config_path).deep_symbolize_keys.with_indifferent_access

5
config/initializers/sidekiq.rb
View File

@@ -1,5 +0,0 @@
require_relative "../../app/models/setting"
Sidekiq.configure_server do |config|
config.redis = { url: Setting.redis_url }
end

69
config/puma.rb
View File

@@ -1,38 +1,43 @@
# Puma can serve each request in a thread from an internal thread pool. # This configuration file will be evaluated by Puma. The top-level methods that
# The `threads` method setting takes two numbers: a minimum and maximum. # are invoked here are part of Puma's configuration DSL. For more information
# Any libraries that use thread pools should be configured to match # about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html.
# the maximum value specified for Puma. Default is set to 5 threads for minimum
# and maximum; this matches the default thread size of Active Record.
# #
max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 } # Puma starts a configurable number of processes (workers) and each process
min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count } # serves each request in a thread from an internal thread pool.
#
# You can control the number of workers using ENV["WEB_CONCURRENCY"]. You
# should only set this value when you want to run 2 or more workers. The
# default is already 1.
#
# The ideal number of threads per worker depends both on how much time the
# application spends waiting for IO operations and on how much you wish to
# prioritize throughput over latency.
#
# As a rule of thumb, increasing the number of threads will increase how much
# traffic a given process can handle (throughput), but due to CRuby's
# Global VM Lock (GVL) it has diminishing returns and will degrade the
# response time (latency) of the application.
#
# The default is set to 3 threads as it's deemed a decent compromise between
# throughput and latency for the average Rails application.
#
# Any libraries that use a connection pool or another resource pool should
# be configured to provide at least as many connections as the number of
# threads. This includes Active Record's `pool` parameter in `database.yml`.
max_threads_count = ENV.fetch("RAILS_MAX_THREADS", 5)
min_threads_count = ENV.fetch("RAILS_MAX_THREADS", 3)
threads min_threads_count, max_threads_count threads min_threads_count, max_threads_count
# Specifies the `port` that Puma will listen on to receive requests; default is 3000. port ENV.fetch("PORT", 3000)
#
port ENV.fetch("PORT") { 3000 }
# Specifies the `environment` that Puma will run in.
#
environment ENV.fetch("RAILS_ENV") { "development" } environment ENV.fetch("RAILS_ENV") { "development" }
# Specifies the `pidfile` that Puma will use. # Allow puma to be restarted by `bin/rails restart` command.
pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
# Specifies the number of `workers` to boot in clustered mode.
# Workers are forked web server processes. If using threads and workers together
# the concurrency of the application would be max `threads` * `workers`.
# Workers do not work on JRuby or Windows (both of which do not support
# processes).
#
# workers ENV.fetch("WEB_CONCURRENCY") { 2 }
# Use the `preload_app!` method when specifying a `workers` number.
# This directive tells Puma to first boot the application and load code
# before forking the application. This takes advantage of Copy On Write
# process behavior so workers use less memory.
#
# preload_app!
# Allow puma to be restarted by `rails restart` command.
plugin :tmp_restart plugin :tmp_restart
# Run the Solid Queue supervisor inside of Puma for single-server deployments
plugin :solid_queue if ENV["SOLID_QUEUE_IN_PUMA"]
# Specify the PID file. Defaults to tmp/pids/server.pid in development.
# In other environments, only set the PID file if requested.
pidfile ENV["PIDFILE"] if ENV["PIDFILE"]

21
config/queue.yml Normal file
View File

@@ -0,0 +1,21 @@
default: &default
dispatchers:
- polling_interval: 1
batch_size: 500
workers:
- queues: "*"
threads: 3
processes: <%= ENV.fetch("JOB_CONCURRENCY", 1) %>
polling_interval: 0.1
development:
<<: *default
workers:
- queues: "*"
threads: 1
test:
<<: *default
production:
<<: *default

10
config/recurring.yml Normal file
View File

@@ -0,0 +1,10 @@
# production:
# periodic_cleanup:
# class: CleanSoftDeletedRecordsJob
# queue: background
# args: [ 1000, { batch_size: 500 } ]
# schedule: every hour
# periodic_command:
# command: "SoftDeletedRecord.due.delete_all"
# priority: 2
# schedule: at 5am every day

12
config/routes.rb
View File

@@ -1,5 +1,3 @@
require 'sidekiq/web'
Rails.application.routes.draw do Rails.application.routes.draw do
devise_for :users, controllers: { devise_for :users, controllers: {
confirmations: 'users/confirmations', confirmations: 'users/confirmations',
@@ -70,10 +68,12 @@ Rails.application.routes.draw do
get '.well-known/webfinger', to: 'webfinger#show' get '.well-known/webfinger', to: 'webfinger#show'
get '.well-known/nostr', to: 'well_known#nostr' get '.well-known/nostr', to: 'well_known#nostr'
get '.well-known/lnurlp/:username', to: 'lnurlpay#index', as: 'lightning_address' get '.well-known/lnurlp/:username', to: 'lnurlpay#index', as: :lightning_address
get '.well-known/keysend/:username', to: 'lnurlpay#keysend', as: 'lightning_address_keysend' get '.well-known/keysend/:username', to: 'lnurlpay#keysend', as: :lightning_address_keysend
get '.well-known/openpgpkey/hu/:hashed_username(.:format)', to: 'web_key_directory#show', as: :wkd_key
get '.well-known/openpgpkey/policy', to: 'web_key_directory#policy'
get 'lnurlpay/:username/invoice', to: 'lnurlpay#invoice', as: 'lnurlpay_invoice' get 'lnurlpay/:username/invoice', to: 'lnurlpay#invoice', as: :lnurlpay_invoice
post 'webhooks/lndhub', to: 'webhooks#lndhub' post 'webhooks/lndhub', to: 'webhooks#lndhub'
@@ -121,7 +121,7 @@ Rails.application.routes.draw do
end end
authenticate :user, ->(user) { user.is_admin? } do authenticate :user, ->(user) { user.is_admin? } do
mount Sidekiq::Web, at: '/sidekiq' mount MissionControl::Jobs::Engine, at: "/jobs"
mount Flipper::UI.app(Flipper), at: '/flipper' mount Flipper::UI.app(Flipper), at: '/flipper'
end end

30
config/services.yml Normal file
View File

@@ -0,0 +1,30 @@
internal:
btcpay:
name: BTCPay Server
postgres:
name: PostgreSQL
sentry:
name: Sentry
external:
discourse:
name: Discourse
droneci:
name: Drone CI
ejabberd:
display_name: Chat
email:
name: E-Mail
gitea:
name: Gitea
lndhub:
name: LNDHub
display_name: Lightning Network
mastodon:
name: Mastodon
mediawiki:
name: MediaWiki
nostr:
name: Nostr
remotestorage:
name: remoteStorage
display_name: Storage

5
db/migrate/20240922205634_add_pgp_fpr_to_users.rb Normal file
View File

@@ -0,0 +1,5 @@
class AddPgpFprToUsers < ActiveRecord::Migration[7.1]
def change
add_column :users, :pgp_fpr, :string
end
end

22
db/migrate/20250428123315_add_service_name_to_active_storage_blobs.active_storage.rb Normal file
View File

@@ -0,0 +1,22 @@
# This migration comes from active_storage (originally 20190112182829)
class AddServiceNameToActiveStorageBlobs < ActiveRecord::Migration[6.0]
def up
return unless table_exists?(:active_storage_blobs)
unless column_exists?(:active_storage_blobs, :service_name)
add_column :active_storage_blobs, :service_name, :string
if configured_service = ActiveStorage::Blob.service.name
ActiveStorage::Blob.unscoped.update_all(service_name: configured_service)
end
change_column :active_storage_blobs, :service_name, :string, null: false
end
end
def down
return unless table_exists?(:active_storage_blobs)
remove_column :active_storage_blobs, :service_name
end
end

27
db/migrate/20250428123316_create_active_storage_variant_records.active_storage.rb Normal file
View File

@@ -0,0 +1,27 @@
# This migration comes from active_storage (originally 20191206030411)
class CreateActiveStorageVariantRecords < ActiveRecord::Migration[6.0]
def change
return unless table_exists?(:active_storage_blobs)
# Use Active Record's configured type for primary key
create_table :active_storage_variant_records, id: primary_key_type, if_not_exists: true do |t|
t.belongs_to :blob, null: false, index: false, type: blobs_primary_key_type
t.string :variation_digest, null: false
t.index %i[ blob_id variation_digest ], name: "index_active_storage_variant_records_uniqueness", unique: true
t.foreign_key :active_storage_blobs, column: :blob_id
end
end
private
def primary_key_type
config = Rails.configuration.generators
config.options[config.orm][:primary_key_type] || :primary_key
end
def blobs_primary_key_type
pkey_name = connection.primary_key(:active_storage_blobs)
pkey_column = connection.columns(:active_storage_blobs).find { |c| c.name == pkey_name }
pkey_column.bigint? ? :bigint : pkey_column.type
end
end

8
db/migrate/20250428123317_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb Normal file
View File

@@ -0,0 +1,8 @@
# This migration comes from active_storage (originally 20211119233751)
class RemoveNotNullOnActiveStorageBlobsChecksum < ActiveRecord::Migration[6.0]
def change
return unless table_exists?(:active_storage_blobs)
change_column_null(:active_storage_blobs, :checksum, true)
end
end

129
db/queue_schema.rb Normal file
View File

@@ -0,0 +1,129 @@
ActiveRecord::Schema[7.1].define(version: 1) do
create_table "solid_queue_blocked_executions", force: :cascade do |t|
t.bigint "job_id", null: false
t.string "queue_name", null: false
t.integer "priority", default: 0, null: false
t.string "concurrency_key", null: false
t.datetime "expires_at", null: false
t.datetime "created_at", null: false
t.index [ "concurrency_key", "priority", "job_id" ], name: "index_solid_queue_blocked_executions_for_release"
t.index [ "expires_at", "concurrency_key" ], name: "index_solid_queue_blocked_executions_for_maintenance"
t.index [ "job_id" ], name: "index_solid_queue_blocked_executions_on_job_id", unique: true
end
create_table "solid_queue_claimed_executions", force: :cascade do |t|
t.bigint "job_id", null: false
t.bigint "process_id"
t.datetime "created_at", null: false
t.index [ "job_id" ], name: "index_solid_queue_claimed_executions_on_job_id", unique: true
t.index [ "process_id", "job_id" ], name: "index_solid_queue_claimed_executions_on_process_id_and_job_id"
end
create_table "solid_queue_failed_executions", force: :cascade do |t|
t.bigint "job_id", null: false
t.text "error"
t.datetime "created_at", null: false
t.index [ "job_id" ], name: "index_solid_queue_failed_executions_on_job_id", unique: true
end
create_table "solid_queue_jobs", force: :cascade do |t|
t.string "queue_name", null: false
t.string "class_name", null: false
t.text "arguments"
t.integer "priority", default: 0, null: false
t.string "active_job_id"
t.datetime "scheduled_at"
t.datetime "finished_at"
t.string "concurrency_key"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.index [ "active_job_id" ], name: "index_solid_queue_jobs_on_active_job_id"
t.index [ "class_name" ], name: "index_solid_queue_jobs_on_class_name"
t.index [ "finished_at" ], name: "index_solid_queue_jobs_on_finished_at"
t.index [ "queue_name", "finished_at" ], name: "index_solid_queue_jobs_for_filtering"
t.index [ "scheduled_at", "finished_at" ], name: "index_solid_queue_jobs_for_alerting"
end
create_table "solid_queue_pauses", force: :cascade do |t|
t.string "queue_name", null: false
t.datetime "created_at", null: false
t.index [ "queue_name" ], name: "index_solid_queue_pauses_on_queue_name", unique: true
end
create_table "solid_queue_processes", force: :cascade do |t|
t.string "kind", null: false
t.datetime "last_heartbeat_at", null: false
t.bigint "supervisor_id"
t.integer "pid", null: false
t.string "hostname"
t.text "metadata"
t.datetime "created_at", null: false
t.string "name", null: false
t.index [ "last_heartbeat_at" ], name: "index_solid_queue_processes_on_last_heartbeat_at"
t.index [ "name", "supervisor_id" ], name: "index_solid_queue_processes_on_name_and_supervisor_id", unique: true
t.index [ "supervisor_id" ], name: "index_solid_queue_processes_on_supervisor_id"
end
create_table "solid_queue_ready_executions", force: :cascade do |t|
t.bigint "job_id", null: false
t.string "queue_name", null: false
t.integer "priority", default: 0, null: false
t.datetime "created_at", null: false
t.index [ "job_id" ], name: "index_solid_queue_ready_executions_on_job_id", unique: true
t.index [ "priority", "job_id" ], name: "index_solid_queue_poll_all"
t.index [ "queue_name", "priority", "job_id" ], name: "index_solid_queue_poll_by_queue"
end
create_table "solid_queue_recurring_executions", force: :cascade do |t|
t.bigint "job_id", null: false
t.string "task_key", null: false
t.datetime "run_at", null: false
t.datetime "created_at", null: false
t.index [ "job_id" ], name: "index_solid_queue_recurring_executions_on_job_id", unique: true
t.index [ "task_key", "run_at" ], name: "index_solid_queue_recurring_executions_on_task_key_and_run_at", unique: true
end
create_table "solid_queue_recurring_tasks", force: :cascade do |t|
t.string "key", null: false
t.string "schedule", null: false
t.string "command", limit: 2048
t.string "class_name"
t.text "arguments"
t.string "queue_name"
t.integer "priority", default: 0
t.boolean "static", default: true, null: false
t.text "description"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.index [ "key" ], name: "index_solid_queue_recurring_tasks_on_key", unique: true
t.index [ "static" ], name: "index_solid_queue_recurring_tasks_on_static"
end
create_table "solid_queue_scheduled_executions", force: :cascade do |t|
t.bigint "job_id", null: false
t.string "queue_name", null: false
t.integer "priority", default: 0, null: false
t.datetime "scheduled_at", null: false
t.datetime "created_at", null: false
t.index [ "job_id" ], name: "index_solid_queue_scheduled_executions_on_job_id", unique: true
t.index [ "scheduled_at", "priority", "job_id" ], name: "index_solid_queue_dispatch_all"
end
create_table "solid_queue_semaphores", force: :cascade do |t|
t.string "key", null: false
t.integer "value", default: 1, null: false
t.datetime "expires_at", null: false
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.index [ "expires_at" ], name: "index_solid_queue_semaphores_on_expires_at"
t.index [ "key", "value" ], name: "index_solid_queue_semaphores_on_key_and_value"
t.index [ "key" ], name: "index_solid_queue_semaphores_on_key", unique: true
end
add_foreign_key "solid_queue_blocked_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
add_foreign_key "solid_queue_claimed_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
add_foreign_key "solid_queue_failed_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
add_foreign_key "solid_queue_ready_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
add_foreign_key "solid_queue_recurring_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
add_foreign_key "solid_queue_scheduled_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
end

3
db/schema.rb
View File

@@ -10,7 +10,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema[7.1].define(version: 2024_06_07_123654) do ActiveRecord::Schema[8.0].define(version: 2025_04_28_123317) do
create_table "active_storage_attachments", force: :cascade do |t| create_table "active_storage_attachments", force: :cascade do |t|
t.string "name", null: false t.string "name", null: false
t.string "record_type", null: false t.string "record_type", null: false
@@ -132,6 +132,7 @@ ActiveRecord::Schema[7.1].define(version: 2024_06_07_123654) do
t.datetime "remember_created_at" t.datetime "remember_created_at"
t.string "remember_token" t.string "remember_token"
t.text "preferences" t.text "preferences"
t.string "pgp_fpr"
t.index ["email"], name: "index_users_on_email", unique: true t.index ["email"], name: "index_users_on_email", unique: true
t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
end end

4
db/seeds.rb
View File

@@ -7,7 +7,7 @@ Sidekiq::Testing.inline! do
puts "Create user: admin" puts "Create user: admin"
CreateAccount.call(account: { UserManager::CreateAccount.call(account: {
username: "admin", domain: "kosmos.org", email: "admin@example.com", username: "admin", domain: "kosmos.org", email: "admin@example.com",
password: "admin is admin", confirmed: true password: "admin is admin", confirmed: true
}) })
@@ -20,7 +20,7 @@ Sidekiq::Testing.inline! do
email = Faker::Internet.unique.email email = Faker::Internet.unique.email
next if username.length < 3 next if username.length < 3
CreateAccount.call(account: { UserManager::CreateAccount.call(account: {
username: username, domain: "kosmos.org", email: email, username: username, domain: "kosmos.org", email: email,
password: "user is user", confirmed: true password: "user is user", confirmed: true
}) })

13
db/seeds/admin.asc Normal file
View File

@@ -0,0 +1,13 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZvGiUxYJKwYBBAHaRw8BAQdARPZXLqyB3nylJuzuARlOJxqc9mchMKHI4Cy+
hPWlzja0GEFkbWluIDxhZG1pbkBrb3Ntb3Mub3JnPoiZBBMWCgBBFiEE0pie1+fG
ImdZwzGnwgEYSg8AulYFAmbxolMCGwMFCQWjmoAFCwkIBwICIgIGFQoJCAsCBBYC
AwECHgcCF4AACgkQwgEYSg8AulaldAEA7yzh7XRCdIJDHgLUvKHsy2NnyLaDD1Tl
hyZWbl5og0IBAJAQ2Dm82YXMdUK3X1OGlK8KH5O4E5lSFY4+8/xx0UEJuDgEZvGi
UxIKKwYBBAGXVQEFAQEHQJc8pzzeIF7Hm5z1eseRAqGvFa+V1BIDf+1XQzuJhhxi
AwEIB4h+BBgWCgAmFiEE0pie1+fGImdZwzGnwgEYSg8AulYFAmbxolMCGwwFCQWj
moAACgkQwgEYSg8AulbLtgEApZvuDqSP77lrl1jmtCAJEEZk/ofsRFkf1g3U3Zhm
9PcA/1+AbcyqjLTcqIPjHmZyGEPiaAvEsBzbPKEPiL3JYhkG
=45sx
-----END PGP PUBLIC KEY BLOCK-----

29
docker-compose.yml
View File

@@ -37,6 +37,9 @@ services:
- "3000:3000" - "3000:3000"
environment: environment:
RAILS_ENV: development RAILS_ENV: development
SOLID_QUEUE_IN_PUMA: true
LAUNCHY_DRY_RUN: true
BROWSER: /dev/null
PRIMARY_DOMAIN: kosmos.org PRIMARY_DOMAIN: kosmos.org
LDAP_HOST: ldap LDAP_HOST: ldap
LDAP_PORT: 3389 LDAP_PORT: 3389
@@ -54,30 +57,6 @@ services:
- ldap - ldap
- redis - redis
sidekiq:
build: .
command: bash -c "bundle exec sidekiq -C config/sidekiq.yml"
volumes:
- .:/akkounts
networks:
- internal_network
environment:
RAILS_ENV: development
PRIMARY_DOMAIN: kosmos.org
LDAP_HOST: ldap
LDAP_PORT: 3389
LDAP_ADMIN_PASSWORD: passthebutter
LDAP_USE_TLS: "false"
LAUNCHY_DRY_RUN: true
BROWSER: /dev/null
REDIS_URL: redis://redis:6379/0
RS_REDIS_URL: redis://redis:6379/1
RS_STORAGE_URL: "http://localhost:4567"
S3_ENABLED: false
depends_on:
- ldap
- redis
minio: minio:
image: quay.io/minio/minio:latest image: quay.io/minio/minio:latest
command: "server /data --console-address ':9001'" command: "server /data --console-address ':9001'"
@@ -111,7 +90,7 @@ services:
- redis - redis
strfry: strfry:
image: gitea.kosmos.org/kosmos/strfry-deno:1.1.1 image: gitea.kosmos.org/kosmos/strfry-deno:2.0.0
volumes: volumes:
- ./docker/strfry/strfry.conf:/etc/strfry.conf - ./docker/strfry/strfry.conf:/etc/strfry.conf
- ./extras/strfry:/opt/strfry - ./extras/strfry:/opt/strfry

Some files were not shown because too many files have changed in this diff Show More