| Commit message (Collapse) | Author | Age | Lines |
|---|
| | |
|
| |
|
|
|
|
|
| |
If switched on, sends first five letters of the SHA1 hash of the entered
password to HIBP's API, which then returns all matching hashes in their
database of breached passwords. If we find a match, tell the user they
need to pick a different password.
|
| |
|
|
|
| |
Letting the code pick a default MAPIT_URL means it picks port 8000,
which will not work with the current Docker container setup.
|
| | |
|
| | |
|
| |
|
|
| |
This includes details of any failing updates in the summary script.
|
| | |
|
| | |
|
| |
|
|
| |
Allow a configurable number of bodies to fetch updates simultaneously.
|
| |
|
|
|
| |
Make them take start/end hour arguments, cope if only one given,
optional body, and combine them together in one `fetch` script.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Allows you to hide the banner introduced in 1f43fc9.
Useful when you’re making front-end changes—especially on small
screens—and don’t want the banner getting in the way.
|
| |\ |
|
| | |
| |
| |
| |
| |
| | |
This allows you to output a working Content-Security-Policy header, with
optional third-party domains, by setting a new CONTENT_SECURITY_POLICY
configuration option.
|
| |/ |
|
| | |
|
| |
|
|
|
| |
Add a configuration variable to use for the front page stats/
recent list, plus the max-age of `/reports`.
|
| |
|
|
|
|
|
|
| |
This adds a systemd service unit file for managing the FixMyStreet
Catalyst process manager.
This also updates the commonlib submodule with matching changes to
our install scripts.
|
| |
|
|
|
|
| |
The install script calls a service restart at build, this failed
if the stop action in the init script doesn't check for the
existence of the PIDFILE first, so check.
|
| |
|
|
|
| |
This is required to build some of the Perl modules pulled in by the
addition of `Net::Amazon::S3`.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This includes four containers: app, memcached, nginx, and postgres.
The preinit script is used at container startup to ensure the database
is initialised. Includes a volume for the Postgres database to permit
persistence. Also sets the `PGDATA` variable to a subdirectory to
support optional use of a filesystem mount.
The repo/branch can be specified at build time.
If `SUPERUSER_EMAIL` and `SUPERUSER_PASSWORD` are set when the FMS
container starts the preinit script will pass these to
`bin/createsuperuser` when it starts up. These have been set to test
values in the supplied Docker Compose configuration.
Reverse proxy issue
===================
If nginx and fms were on the same machine, ReverseProxy would
automatically be in use, but via docker containers they are not. Do we
need to force it to be switched on? Let's see. There are four possible
options, with their outcome:
* port not in Host, ReverseProxy not in use
Anything using the automatically-generated base instead of BASE_URL uses
port 9000, meaning those links don't work.
* port not in Host, ReverseProxy in use
Anything using the automatically-generated base instead of BASE_URL uses
port 80, meaning those links don't work (they would if you had
docker-compose listen on port 80, being then a similar situation to e.g.
the AMI image).
* port in Host, ReverseProxy not in use
This works *unless* the port is 80, just to be contrary to the above; in
that case it is stripped and :9000 is put back on, meaning those links
again don't work. I realise we use 8000, but would be confusing if
someone tried it out.
* port in Host, ReverseProxy in use
This works in all scenarios, and thus is what we go with.
|
| |
|
|
|
|
|
| |
- Adds support for additional variables intended to control when to
install postfix and postgres.
- Skips nginx setup and integration when performing a docker build.
- Don't print usage during docker build
|
| | |
|
| |
|
|
|
|
|
| |
Previously we assumed that any memcache instance would be running on
the local loopback interface. This commit makes this configurable with
a `MEMCACHED_HOST` option. If left unset, this will default to
`127.0.0.1`.
|
| | |
|
| |
|
|
|
| |
This also can set up users so that the admin
"Log user out" function works correctly.
|
| | |
|
| |
|
|
|
| |
This can optionally disable appcache for superusers which can be handy
in development.
|
| | |
|
| | |
|
| |
|
|
| |
A confirmation code is sent via Twilio to be entered on the site.
|
| | |
|
| |
|
|
| |
If set to 1, this restricts all pages on the site to logged-in users.
|
| |
|
|
| |
In the absence of making any changes. Fixes #1739.
|
| |
|
|
|
|
|
| |
Given a set of config files of the format `conf/general-{cobrand}.yml`
this script lets you easily create and recreate a symlink at
`conf/general.yml` that points to the cobrand config of your choice. The
test suite also then uses this naming convention.
|
| |
|
|
|
|
| |
Now that MapIt is https only the proxy pass URLs need to be https
otherwise we proxy back the 301 redirect and various bits of the
JavaScript fail the pre-flight CORS check.
|
| |
|
|
|
| |
These two packages were previously installed as a dependency of
postgresql-server-dev-all, but are no longer on stretch.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Email::Send is long deprecated and uses submodules that no longer work
correctly (e.g. Net::SMTP::TLS breaks with recent IO::Socket::SSL). We
create an Email::Sender subclass to perform the same functionality and
this also simplifies the email code with simpler envelope handling.
Bundle Email::Sender::Transport::SMTP to include fix from
https://github.com/rjbs/Email-Sender/issues/46
|
| | |
|
| | |
|
| |
|
|
| |
This makes it easier to perform manual testing of cobrands.
|
| |
|
|
|
| |
If they are absolute already, do nothing.
Switch a couple of uses to Path::Tiny as well.
|
| |
|
|
| |
Fixes #1313.
|
| |
|
|
|
|
|
|
| |
This allows multiple test suites to run simultaneously (beforehand, a
second run would overwrite the same config file and lose its database
connection).
Clean up the created config file on exit.
|
