From: lain Date: Sat, 4 May 2019 13:00:45 +0000 (+0200) Subject: Merge remote-tracking branch 'origin/develop' into feature/bbs X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=6ad8ddfd290f0239956874ccc9dc181167e84647;p=akkoma Merge remote-tracking branch 'origin/develop' into feature/bbs --- 6ad8ddfd290f0239956874ccc9dc181167e84647 diff --cc config/config.exs index 33724346e,1a9738cff..5824efb1c --- a/config/config.exs +++ b/config/config.exs @@@ -378,9 -443,31 +443,34 @@@ config :pleroma, :ldap base: System.get_env("LDAP_BASE") || "dc=example,dc=com", uid: System.get_env("LDAP_UID") || "cn" +config :esshd, + enabled: false + + oauth_consumer_strategies = String.split(System.get_env("OAUTH_CONSUMER_STRATEGIES") || "") + + ueberauth_providers = + for strategy <- oauth_consumer_strategies do + strategy_module_name = "Elixir.Ueberauth.Strategy.#{String.capitalize(strategy)}" + strategy_module = String.to_atom(strategy_module_name) + {String.to_atom(strategy), {strategy_module, [callback_params: ["state"]]}} + end + + config :ueberauth, + Ueberauth, + base_path: "/oauth", + providers: ueberauth_providers + + config :pleroma, :auth, oauth_consumer_strategies: oauth_consumer_strategies + + config :pleroma, Pleroma.Emails.Mailer, adapter: Swoosh.Adapters.Sendmail + + config :prometheus, Pleroma.Web.Endpoint.MetricsExporter, path: "/api/pleroma/app_metrics" + + config :pleroma, Pleroma.ScheduledActivity, + daily_user_limit: 25, + total_user_limit: 300, + enabled: true + # Import environment specific config. This must remain at the bottom # of this file so it overrides the configuration defined above. import_config "#{Mix.env()}.exs" diff --cc docs/config.md index 4fb4f530b,ad55d44a7..57d383db5 --- a/docs/config.md +++ b/docs/config.md @@@ -352,25 -444,68 +444,89 @@@ Pleroma account will be created with th * `base`: LDAP base, e.g. "dc=example,dc=com" * `uid`: LDAP attribute name to authenticate the user, e.g. 
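Review bot: The `ueberauth_providers` comprehension in config/config.exs builds a module atom from every word of `OAUTH_CONSUMER_STRATEGIES` with `String.to_atom("Elixir.Ueberauth.Strategy.#{String.capitalize(strategy)}")` and never checks that the module is installed. A typo, or a strategy whose module name is not the plain capitalised key (`String.capitalize/1` also lowercases the rest of the word), presumably only surfaces when the provider is first used rather than at boot. I would put a comment above the comprehension, e.g. `# operator-supplied names only; each must match an installed Ueberauth.Strategy.* module`, and consider raising at config load for names that do not resolve. The same hunk sets the Prometheus exporter path to `/api/pleroma/app_metrics`; whether that route requires authentication is not visible here and deserves a line in the config comment.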
when "cn", the filter will be "cn=username,base" - ## Pleroma.Web.Auth.Authenticator - - * `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator - * `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication - +## BBS / SSH access + +To enable simple command line interface accessible over ssh, add a setting like this to your configuration file: + +```exs +app_dir = File.cwd! +priv_dir = Path.join([app_dir, "priv/ssh_keys"]) + +config :esshd, + enabled: true, + priv_dir: priv_dir, + handler: "Pleroma.BBS.Handler", + port: 10_022, + password_authenticator: "Pleroma.BBS.Authenticator" +``` + +Feel free to adjust the priv_dir and port number. Then you will have to create the key for the keys (in the example `priv/ssh_keys`) and create the host keys with `ssh-keygen -N "" -b 2048 -t rsa -f ssh_host_rsa_key`. After restarting, you should be able to connect to your Pleroma instance with `ssh username@server -p $PORT` ++ + ## :auth + ++* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator ++* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication ++ + Authentication / authorization settings. + + * `auth_template`: authentication form template. By default it's `show.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/show.html.eex`. + * `oauth_consumer_template`: OAuth consumer mode authentication form template. By default it's `consumer.html` which corresponds to `lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex`. + * `oauth_consumer_strategies`: the list of enabled OAuth consumer strategies; by default it's set by OAUTH_CONSUMER_STRATEGIES environment variable. + + # OAuth consumer mode + + OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.). + Implementation is based on Ueberauth; see the list of [available strategies](https://github.com/ueberauth/ueberauth/wiki/List-of-Strategies). 
+ + Note: each strategy is shipped as a separate dependency; in order to get the strategies, run `OAUTH_CONSUMER_STRATEGIES="..." mix deps.get`, + e.g. `OAUTH_CONSUMER_STRATEGIES="twitter facebook google microsoft" mix deps.get`. + The server should also be started with `OAUTH_CONSUMER_STRATEGIES="..." mix phx.server` in case you enable any strategies. + + Note: each strategy requires separate setup (on external provider side and Pleroma side). Below are the guidelines on setting up most popular strategies. + + Note: make sure that `"SameSite=Lax"` is set in `extra_cookie_attrs` when you have this feature enabled. OAuth consumer mode will not work with `"SameSite=Strict"` + + * For Twitter, [register an app](https://developer.twitter.com/en/apps), configure callback URL to https:///oauth/twitter/callback + + * For Facebook, [register an app](https://developers.facebook.com/apps), configure callback URL to https:///oauth/facebook/callback, enable Facebook Login service at https://developers.facebook.com/apps//fb-login/settings/ + + * For Google, [register an app](https://console.developers.google.com), configure callback URL to https:///oauth/google/callback + + * For Microsoft, [register an app](https://portal.azure.com), configure callback URL to https:///oauth/microsoft/callback + + Once the app is configured on external OAuth provider side, add app's credentials and strategy-specific settings (if any — e.g. see Microsoft below) to `config/prod.secret.exs`, + per strategy's documentation (e.g. [ueberauth_twitter](https://github.com/ueberauth/ueberauth_twitter)). 
Example config basing on environment variables: + + ```elixir + # Twitter + config :ueberauth, Ueberauth.Strategy.Twitter.OAuth, + consumer_key: System.get_env("TWITTER_CONSUMER_KEY"), + consumer_secret: System.get_env("TWITTER_CONSUMER_SECRET") + + # Facebook + config :ueberauth, Ueberauth.Strategy.Facebook.OAuth, + client_id: System.get_env("FACEBOOK_APP_ID"), + client_secret: System.get_env("FACEBOOK_APP_SECRET"), + redirect_uri: System.get_env("FACEBOOK_REDIRECT_URI") + + # Google + config :ueberauth, Ueberauth.Strategy.Google.OAuth, + client_id: System.get_env("GOOGLE_CLIENT_ID"), + client_secret: System.get_env("GOOGLE_CLIENT_SECRET"), + redirect_uri: System.get_env("GOOGLE_REDIRECT_URI") + + # Microsoft + config :ueberauth, Ueberauth.Strategy.Microsoft.OAuth, + client_id: System.get_env("MICROSOFT_CLIENT_ID"), + client_secret: System.get_env("MICROSOFT_CLIENT_SECRET") + + config :ueberauth, Ueberauth, + providers: [ + microsoft: {Ueberauth.Strategy.Microsoft, [callback_params: []]} + ] + ``` + + ## :emoji + * `shortcode_globs`: Location of custom emoji files. `*` can be used as a wildcard. Example `["/emoji/custom/**/*.png"]` + * `groups`: Emojis are ordered in groups (tags). This is an array of key-value pairs where the key is the groupname and the value the location or array of locations. `*` can be used as a wildcard. Example `[Custom: ["/emoji/*.png", "/emoji/custom/*.png"]]` + * `default_manifest`: Location of the JSON-manifest. This manifest contains information about the emoji-packs you can download. Currently only one manifest can be added (no arrays). 
diff --cc mix.exs index 58b0db9a1,c553b835b..38e83e679 --- a/mix.exs +++ b/mix.exs @@@ -41,7 -41,7 +41,7 @@@ defmodule Pleroma.Mixfile d def application do [ mod: {Pleroma.Application, []}, - extra_applications: [:logger, :runtime_tools, :comeonin, :esshd], - extra_applications: [:logger, :runtime_tools, :comeonin, :quack], ++ extra_applications: [:logger, :runtime_tools, :comeonin, :esshd, :quack], included_applications: [:ex_syslogger] ] end @@@ -91,12 -99,21 +99,22 @@@ {:floki, "~> 0.20.0"}, {:ex_syslogger, github: "slashmili/ex_syslogger", tag: "1.4.0"}, {:timex, "~> 3.5"}, + {:ueberauth, "~> 0.4"}, {:auto_linker, git: "https://git.pleroma.social/pleroma/auto_linker.git", - ref: "94193ca5f97c1f9fdf3d1469653e2d46fac34bcd"}, + ref: "c00c4e75b35367fa42c95ffd9b8c455bf9995829"}, {:pleroma_job_queue, "~> 0.2.0"}, - {:esshd, "~> 0.1.0"} - ] + {:telemetry, "~> 0.3"}, + {:prometheus_ex, "~> 3.0"}, + {:prometheus_plugs, "~> 1.1"}, + {:prometheus_phoenix, "~> 1.2"}, + {:prometheus_ecto, "~> 1.4"}, + {:prometheus_process_collector, "~> 1.4"}, + {:recon, github: "ferd/recon", tag: "2.4.0"}, + {:quack, "~> 0.1.1"}, - {:benchee, "~> 1.0"} ++ {:benchee, "~> 1.0"}, ++ {:esshd, "~> 0.1.0"} + ] ++ oauth_deps end # Aliases are shortcuts or tasks specific to the current project. 
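Review bot: Listing `:esshd` in `extra_applications` starts the SSH daemon application on every instance, so the only thing keeping the listener off is the `config :esshd, enabled: false` default that this merge adds in config/config.exs. That dependency between the two files is not stated anywhere in mix.exs. A comment on the line, e.g. `# :esshd is always started; the SSH listener stays off unless config :esshd, enabled: true`, would keep someone from dropping the default unnoticed. How esshd behaves when the `enabled` key is absent is not shown on this page and should be confirmed.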
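Review bot: The `{:esshd, "~> 0.1.0"}` entry pulls in a 0.1.x package that provides a network-facing SSH login path, and the requirement accepts any later 0.1.x release whenever the lock is refreshed. mix.lock in this commit pins 0.1.0 with its checksum, so builds from the lock are fixed, but the entry itself carries no hint that it is an authentication surface. I would add a comment above it, e.g. `# SSH/BBS listener, disabled by default; review upstream changes before bumping`. The deps list starts outside this hunk and `oauth_deps` is defined elsewhere in the file, so its contents could not be checked here.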
diff --cc mix.lock index a8b06b433,e97f4ec38..df4d31c2f --- a/mix.lock +++ b/mix.lock @@@ -15,10 -18,10 +18,11 @@@ "crypt": {:git, "https://github.com/msantos/crypt", "1f2b58927ab57e72910191a7ebaeff984382a1d3", [ref: "1f2b58927ab57e72910191a7ebaeff984382a1d3"]}, "db_connection": {:hex, :db_connection, "2.0.5", "ddb2ba6761a08b2bb9ca0e7d260e8f4dd39067426d835c24491a321b7f92a4da", [:mix], [{:connection, "~> 1.0.2", [hex: :connection, repo: "hexpm", optional: false]}], "hexpm"}, "decimal": {:hex, :decimal, "1.7.0", "30d6b52c88541f9a66637359ddf85016df9eb266170d53105f02e4a67e00c5aa", [:mix], [], "hexpm"}, - "earmark": {:hex, :earmark, "1.3.0", "17f0c38eaafb4800f746b457313af4b2442a8c2405b49c645768680f900be603", [:mix], [], "hexpm"}, + "deep_merge": {:hex, :deep_merge, "1.0.0", "b4aa1a0d1acac393bdf38b2291af38cb1d4a52806cf7a4906f718e1feb5ee961", [:mix], [], "hexpm"}, + "earmark": {:hex, :earmark, "1.3.2", "b840562ea3d67795ffbb5bd88940b1bed0ed9fa32834915125ea7d02e35888a5", [:mix], [], "hexpm"}, "ecto": {:hex, :ecto, "3.0.7", "44dda84ac6b17bbbdeb8ac5dfef08b7da253b37a453c34ab1a98de7f7e5fec7f", [:mix], [{:decimal, "~> 1.6", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:poison, "~> 2.2 or ~> 3.0", [hex: :poison, repo: "hexpm", optional: true]}], "hexpm"}, "ecto_sql": {:hex, :ecto_sql, "3.0.5", "7e44172b4f7aca4469f38d7f6a3da394dbf43a1bcf0ca975e958cb957becd74e", [:mix], [{:db_connection, "~> 2.0", [hex: :db_connection, repo: "hexpm", optional: false]}, {:ecto, "~> 3.0.6", [hex: :ecto, repo: "hexpm", optional: false]}, {:mariaex, "~> 0.9.1", [hex: :mariaex, repo: "hexpm", optional: true]}, {:postgrex, "~> 0.14.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.3.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm"}, + "esshd": {:hex, :esshd, "0.1.0", "6f93a2062adb43637edad0ea7357db2702a4b80dd9683482fe00f5134e97f4c1", [:mix], [], "hexpm"}, "eternal": {:hex, :eternal, "1.2.0", 
"e2a6b6ce3b8c248f7dc31451aefca57e3bdf0e48d73ae5043229380a67614c41", [:mix], [], "hexpm"}, "ex_aws": {:hex, :ex_aws, "2.1.0", "b92651527d6c09c479f9013caa9c7331f19cba38a650590d82ebf2c6c16a1d8a", [:mix], [{:configparser_ex, "~> 2.0", [hex: :configparser_ex, repo: "hexpm", optional: true]}, {:hackney, "1.6.3 or 1.6.5 or 1.7.1 or 1.8.6 or ~> 1.9", [hex: :hackney, repo: "hexpm", optional: true]}, {:jsx, "~> 2.8", [hex: :jsx, repo: "hexpm", optional: true]}, {:poison, ">= 1.2.0", [hex: :poison, repo: "hexpm", optional: true]}, {:sweet_xml, "~> 0.6", [hex: :sweet_xml, repo: "hexpm", optional: true]}, {:xml_builder, "~> 0.1.0", [hex: :xml_builder, repo: "hexpm", optional: true]}], "hexpm"}, "ex_aws_s3": {:hex, :ex_aws_s3, "2.0.1", "9e09366e77f25d3d88c5393824e613344631be8db0d1839faca49686e99b6704", [:mix], [{:ex_aws, "~> 2.0", [hex: :ex_aws, repo: "hexpm", optional: false]}, {:sweet_xml, ">= 0.0.0", [hex: :sweet_xml, repo: "hexpm", optional: true]}], "hexpm"},