Commit graph

102 commits

Author SHA1 Message Date
muxator
70bc71c0c3 skins: make "colibris" the default skin for new installations
Colibris skin was first introduced in 1.7.5 and received some bugfixes in 1.8.0.
It is now time to make it the default for new installs.
2019-12-08 00:32:03 +01:00
muxator
a817acbbcc security: when served over https, set the "secure" flag for "express_sid" and "language" cookie
The mechanism used for determining if the application is being served over SSL
is wrapped by the "express-session" library for "express_sid", and manual for
the "language" cookie, but it's very similar in both cases.

The "secure" flag is set if one of these is true:

1. we are directly serving Etherpad over SSL using the native nodejs
   functionality, via the "ssl" options in settings.json

2. Etherpad is being served in plaintext by nodejs, but we are using a reverse
   proxy for terminating the SSL for us;
   In this case, the user has to be instructed to properly set trustProxy: true
   in settings.json, and the information wheter the application is over SSL or
   not will be extracted from the X-Forwarded-Proto HTTP header.

Please note that this will not be compatible with applications being served over
http and https at the same time.

The change on webaccess.js amends 009b61b338, which did not work when the SSL
termination was performed by a reverse proxy.

Reference for automatic "express_sid" configuration:
https://github.com/expressjs/session/blob/v1.17.0/README.md#cookiesecure

Closes #3561.
2019-12-07 04:36:01 +01:00
muxator
7c099fef5e settings: do not create a user if he has no password field, or if his password is null.
This will be used by the settings.json in the default Dockerfile to eschew
creating an admin user when no password is set.

Closes #3648.
2019-10-19 00:54:56 +02:00
muxator
4e758a9f4a settings: better explain that no default value is very different from ''
If environment variable PASSW is not defined, the following would be very
different:

  "password": "${PASSW}"  // would result in password === null
  "password": "${PASSW:}" // would result in password === ''

This characteristic will be used in the next commit, when we will use it to
discard a user if his password were null (and in turn use it for docker
containerization).

No functional changes.
2019-10-19 00:34:00 +02:00
muxator
1cc6838772 settings: reformat settings.json.template, in preparation for next commits
No functional changes.
2019-10-10 20:25:34 +02:00
Tristram Gräbener
357780d573 Display the version in the web interface
In the settings drop-down this adds an “About” section that also shows
the commit if "exposeVersion" is set to true.

Fixes #2968
2019-04-15 23:17:34 +00:00
Tristram Gräbener
28a6f505c5 Parameters: the version is exposed in http header only when configured
Currently the version is exposed in a 'Server' http headers.

This commit allows to parameterize it in the settings. By defaults it is
not exposed.

Fixes #3423
2019-04-15 23:17:34 +00:00
muxator
2955740a6e Settings.js: support syntax for default values
+---------------------------+---------------+------------------+
| Configuration string in   | Value of      | Resulting confi- |
| settings.json             | ENV_VAR       | guration value   |
|---------------------------|---------------|------------------|
| "${ENV_VAR}"              | "some_string" | "some_string"    |
| "${ENV_VAR}"              | "9001"        | 9001             |
| "${ENV_VAR}"              | undefined     | null             |
| "${ENV_VAR:some_default}" | "some_string" | "some_string"    |
| "${ENV_VAR:some_default}" | undefined     | "some_default"   |
+---------------------------+---------------+------------------+

Mention this briefly in the main README.md, also.

Closes #3578.
2019-03-21 23:32:08 +01:00
muxator
21ac37170e doc: rephrase settings.json.template and Settings.js
Better document current behaviour.
In this revision, ENV_VAR are supported, default values are not.
2019-03-21 23:32:08 +01:00
muxator
6d400050a3 Settings.js: support configuration via environment variables.
All the configuration values can be read from environment variables using the
syntax "${ENV_VAR_NAME}".
This is useful, for example, when running in a Docker container.

EXAMPLE:
   "port":     "${PORT}"
   "minify":   "${MINIFY}"
   "skinName": "${SKIN_NAME}"

Would read the configuration values for those items from the environment
variables PORT, MINIFY and SKIN_NAME.

REMARKS:
Please note that a variable substitution always needs to be quoted.
   "port":   9001,          <-- Literal values. When not using substitution,
   "minify": false              only strings must be quoted: booleans and
   "skin":   "colibris"         numbers must not.

   "port":   ${PORT}        <-- ERROR: this is not valid json
   "minify": ${MINIFY}
   "skin":   ${SKIN_NAME}

   "port":   "${PORT}"      <-- CORRECT: if you want to use a variable
   "minify": "${MINIFY}"        substitution, put quotes around its name,
   "skin":   "${SKIN_NAME}"     even if the required value is a number or a
                                boolean.
                                Etherpad will take care of rewriting it to
                                the proper type if necessary.

Resolves #3543
2019-03-11 08:11:30 +01:00
muxator
ee4a27d10e settings.json.template: minor rewording of a comment 2019-03-11 08:11:30 +01:00
muxator
7edc0fea16 skins: added new parameter "skinName" in setting.json.template
"colibris" does not exist yet, but let's mention it anyway.
2018-08-26 21:17:04 +02:00
muxator
06476f7ad2 settings.json.template: reorganized dbSetting section to be more comment-friendly
It is better to keep the dirtyDB settings together, so they can be commented out
via a /* ... */.
Nested comments blocks would crash the application on start, because they are
syntactically incorrect.

Let's reduce this possibility, promoting an easier standard.
2018-08-24 01:26:05 +02:00
muxator
d38f53181f settings.json: in the mysql example, mention the existence of port parameter
The port parameter is supported by the mysql driver, but to know this one has to
read through ueberDB's code.

At least for this simple case, it may make sense to be explicit.

Fixes #3453
2018-08-11 16:44:37 +02:00
muxator
10f0cb3253 security: suggest installing ep_hash_auth to get rid of plain text passwords
In its current form, Etherpad stores passwords for users in plain text in
settings.json. We should at least mention the opportunity of installing
ep_hash_auth to start tackling this problem.

The advice was added in README.md and in settings.json.template

Fixes #3444
2018-08-09 00:17:15 +02:00
muxator
044f761b99 settings.json: reformat comments, no functional changes. 2018-08-08 23:49:32 +02:00
Wikinaut
6dd172d6b7 Update settings.json.template 2018-05-12 21:48:21 +02:00
Wikinaut
784bd8c7cc Update settings.json.template
harmonizing the database name. "store" is the table name - not to be used here! Database name must not contain "-", but can contain "_". See https://github.com/ether/etherpad-lite/wiki/How-to-use-Etherpad-Lite-with-MySQL
2018-05-12 21:48:21 +02:00
Joas Souza
f1fcd16894 Add settings to scroll on edition out of viewport (#3282)
* Add scroll when it edits a line out of viewport

By default, when there is an edition of a line, which is out of the
viewport, Etherpad scrolls the minimum necessary to make this line
visible. This makes that the line stays either on the top or the bottom
of the viewport. With this commit, we add a setting to make possible to
scroll to a position x% pixels from the viewport. Besides of that, we
add a setting to make an animation of this scroll.
If nothing is changed on settings.json the Etherpad default behavior is
kept
2018-01-03 19:57:28 -02:00
Luiza Pagliari
0cb8d31e95 [fix] Have one setting for each shortcut to create ordered list
This is an adjustment to #2891.
2017-05-11 14:56:09 -03:00
Luiza Pagliari
97038c2183 [fix] Fix shortcut enabling flag for 'ESC'
This is an adjustment to #2891.
2017-05-11 12:36:20 -03:00
Luiza Pagliari
688e8f37a3 [fix] Fix format of settings template + add information about shortcuts
There was an extra comma at the end of shortcut list, this was breaking
Etherpad startup.

This is an adjustment to #2891.
2017-05-11 12:32:12 -03:00
Luiza Pagliari
1ebcf0dc47 Merge pull request #2891 from bhldev/padShortcutDisable
Added pad shortcut disabling feature to settings.json
2017-05-11 11:29:25 -03:00
Luiza Pagliari
009cd31243 [feature] Create option to automatically reconnect after a few seconds
On some erros that display a modal with "Force reconnect" button, allow
Etherpad to automatically reload pad after a few seconds. Amount of
seconds is defined on settings.json.

Still need to create tests for this feature, and implement i18n.
2017-04-04 11:09:24 -03:00
Paul Carver
573b55af8b Correct the spelling of occured to occurred
The correct spelling is occurred. See
http://www.gingersoftware.com/english-online/spelling-book/misspelling/occurred-occured-ocurred
or other dictionary search results.
2016-11-11 12:46:40 -05:00
Dan Bornstein
219a1dc3e3 Fix value to be valid JSON.
Also fixed some errant EOL whitespace.
2016-08-12 11:05:40 -07:00
LokeshN
a8d5dc0693 Issue #2960 - deactivate settings.json
Deactivate settings.json in Admin dashboard
2016-05-22 21:12:21 +05:30
Brian Lim
26aeb7b705 Added pad shortcut disabling feature 2016-01-21 07:38:41 -05:00
Stefan
8bf53c63cc set charset for mysql connection in settings.json 2015-12-21 21:02:54 +01:00
John McLear
0617f81689 remove applySettings hook and allow credentials.json to be part of core 2015-12-02 11:53:41 +00:00
John McLear
50171a4c3c Merge pull request #2805 from storytouch/indentationSetting
Create setting to control if a new line will be indented or not
2015-10-22 16:12:07 +01:00
Simon Gaeremynck
2bfc3026d2 Allow LibreOffice to be used when exporting a pad
This commit adds support for LibreOffice when exporting a pad to doc, pdf, ..

This commit also cleans up some export logic when exporting to txt
2015-10-20 19:46:08 +01:00
Luiza Pagliari
5deb06d589 Create setting to control if a new line will be indented or not
Currently pressing ENTER on a line that ends with ':', '[', '(' or '{'
automaticaly indents the new line with 4 spaces. The variable added by
this commit to settings.json allow an Etherpad instance to not have this
behavior.
2015-10-13 18:39:23 -03:00
gen2
0e59e5a77f Fix typo in comment 2015-08-08 06:56:14 +01:00
John McLear
04d5e25305 Update settings.json.template 2015-06-23 23:03:56 +01:00
Simon Gaeremynck
786b43efc8 Tidy HTML before trying to convert it with abiword 2015-05-18 16:24:41 +01:00
Andreas Åkre Solberg
ec7b3fc787 Adding support for providing intermediate CA certificates when running etherpad-lite with ssl through Node/expressjs 2015-04-22 20:29:19 +02:00
John McLear
8ed12c7776 session key is now ignored and also padOptions are available in settings 2015-04-11 21:22:00 +01:00
Stefan
a3ed82ad06 Move sessionKey setting from settings.json to SESSIONKEY.txt 2015-04-11 18:45:14 +02:00
John McLear
3a969f8dd8 pass error messages to pad text if shown during startup 2015-04-06 00:13:38 +01:00
John McLear
ec6a2b5ba9 allow for load testing connections to hit by a setting 2015-02-16 23:02:19 +00:00
John McLear
83b7ca529b tidy up template a bit 2014-07-22 16:03:49 +01:00
John McLear
95ab126fe2 tidy up template a bit 2014-07-22 16:03:26 +01:00
John McLear
6dfe33258a tidy up template a bit 2014-07-22 16:02:56 +01:00
John McLear
aa908ea8ce tidy up template a bit 2014-07-22 16:02:22 +01:00
John McLear
17f26b8c2c Support to allow for a setting so you can stop unknown file types from being imported 2014-07-22 15:46:31 +01:00
Marcel Klehr
b1b972a2b4 Merge pull request #1787 from goldquest/dev_nopass_whensession
Grant access for valid session to password protected group pads

so, if user has valid session, they don't need the password
2014-06-17 14:01:16 +02:00
Marcel Klehr
6054cda473 Create a customizable timeslider toolbar 2014-03-30 13:02:41 +02:00
Marcel Klehr
a369347d86 Merge branch 'pr/1579' into toolbar-test
Conflicts:
	settings.json.template
	src/static/js/pad_editbar.js
2014-03-16 13:30:22 +01:00
Luc Didry
3d8452b143 Replace tabs indentation with spaces indentation
Some files are obviously external libraries, I didn't touch them
2013-12-05 08:41:29 +01:00