Nicola Murino
80fb56bc48
WebClient: validate PDF files before rendering
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-09-23 16:53:15 +02:00
Nicola Murino
2da19ef233
backport OIDC related changes from main
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-07-23 15:31:57 +02:00
Nicola Murino
b34bc2b818
add license header to source files
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-07-18 13:43:25 +02:00
Nicola Murino
378995147b
try to better highlight donations and sponsorships options ...
...
... and to better explain why they are required.
Please don't say "someone else will help the project, I'll just use it"
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-07-16 20:29:10 +02:00
Nicola Murino
7fd5558400
parse IP proxy header also if listening on UNIX domain socket
...
Fixes #867
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-06-09 09:48:39 +02:00
Nicola Murino
f6b11c2d01
httpd/webdav: allow to configure trusted proxy header and depth
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-28 19:47:23 +02:00
Nicola Murino
32da923dfe
httpd: add a setting to customize tokens validation
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-28 13:28:50 +02:00
Nicola Murino
1a33b5bb53
allow different TLS certificates for each binding
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-21 16:34:47 +02:00
Nicola Murino
0ecaa862bd
web UIs: allow to replace the default CSS
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-21 11:05:58 +02:00
Nicola Murino
796ea1dde9
allow to store temporary sessions within the data provider
...
so we can persist password reset codes, OIDC auth sessions and tokens.
These features will also work in multi-node setups without sicky
sessions now
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-19 19:49:51 +02:00
Nicola Murino
5d7f6960f3
web UIs: add branding support
...
Fixes #829
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-13 19:40:52 +02:00
Tim Birkett
7b1a0d3cd3
chore: disallow all crawlers with robots.txt ( #833 )
...
Signed-off-by: Tim Birkett <tim.birkett@sainsburys.co.uk>
2022-05-13 09:23:43 +02:00
Nicola Murino
80da2dc722
try to automatically find shared data dirs in system-wide paths
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-05-05 11:27:19 +02:00
Nicola Murino
504cd3efda
add groups support
...
Using groups simplifies the administration of multiple accounts by
letting you assign settings once to a group, instead of multiple
times to each individual user.
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-25 15:49:11 +02:00
Nicola Murino
254b2ae87f
add support for AWS container
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-04-03 08:52:36 +02:00
Nicola Murino
5cccb872bb
add support to redirect HTTP to HTTPS
...
Fixes #777
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-03-26 10:00:02 +01:00
Nicola Murino
93b9c1617e
web UI: allow to load custom css
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-03-19 21:44:27 +01:00
Nicola Murino
5582f5c811
data provider: add automatic backups
...
Automatic backup are enabled by default, a new backup will be saved
each day at midnight.
The backups_path setting was moved from the httpd section to the
data_provider one, please adjust your configuration file and or your
env vars
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-03-13 13:45:07 +01:00
Nicola Murino
dcc3292dbc
web setup: add an optional installation code
...
The purpose of this code is to prevent anyone who can access to
the initial setup screen from creating an admin user
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-02-27 13:08:47 +01:00
Nicola Murino
7f674a7fb3
add more details to the server status page
...
add all supported fields to the OpenAPI docs
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-02-26 16:43:29 +01:00
Nicola Murino
f1a255aa6c
httpd: allow to restrict allowed hosts ...
...
... and to add security headers to the responses
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-02-17 18:22:27 +01:00
Nicola Murino
1fccd05e9e
allow to configure the minimum version of TLS to be enabled
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-02-13 15:56:07 +01:00
Nicola Murino
66945c0a02
Web UIs: add OpenID Connect support
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-02-13 14:30:20 +01:00
Nicola Murino
0a3d94f73d
log at info level the service configurations
...
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2022-01-05 13:22:49 +01:00
Nicola Murino
a587228cf0
add support for metadata plugins
2021-12-16 18:18:36 +01:00
Nicola Murino
c153330ab8
web client: use fetch to upload files
...
also add REST API to upload a single file as POST body
2021-12-08 19:25:22 +01:00
Nicola Murino
bedc8e288b
web client: add support for integrating external viewers/editors
2021-12-03 18:33:08 +01:00
Nicola Murino
6ee51c5cc1
kms: remove support for compat secrets
...
also document how to activate the deprecated builtin provider
2021-12-01 17:53:19 +01:00
Nicola Murino
3f3591bae0
web client: allow to preview images and pdf
...
pdf depends on browser support. It does not work on mobile devices.
2021-11-25 19:24:32 +01:00
Nicola Murino
3d6b09e949
REST API: expose OpenAPI schema and render it using Swagger UI
...
Fixes #609
2021-11-21 09:32:51 +01:00
Nicola Murino
0833b4698e
httpd service: add CORS support
2021-11-13 23:14:50 +01:00
Nicola Murino
78233ff9a3
web UI/REST API: add password reset
...
In order to reset the password from the admin/client user interface,
an SMTP configuration must be added and the user/admin must have an email
address.
You can prohibit the reset functionality on a per-user basis by using a
specific restriction.
Fixes #597
2021-11-13 13:25:43 +01:00
Nicola Murino
3bc58f5988
WebClient/REST API: add sharing support
2021-11-06 14:13:20 +01:00
Nicola Murino
74fc3aaf37
REST API: add events search
2021-10-23 15:47:21 +02:00
Nicola Murino
64e87d64bd
web client UI: allow to edit plain text files
...
Fixes #567
2021-10-09 14:17:28 +02:00
Nicola Murino
ba1febba73
rework user and admin profiles
...
users and admins can now also update their email and description
2021-09-29 18:46:15 +02:00
Nicola Murino
da5a061b65
add basic REST APIs for data retention
...
Fixes #495
2021-09-25 12:20:31 +02:00
Nicola Murino
7bad65a43e
user: add a permission to disable changing api key authentication
...
also implement the missing APIs to enable/disable api key authentication
2021-09-06 18:46:35 +02:00
Nicola Murino
8a4c21b64a
add builtin two-factor auth support
...
The builtin two-factor authentication is based on time-based one time
passwords (RFC 6238) which works with Authy, Google Authenticator and
other compatible apps.
2021-09-04 12:11:04 +02:00
Nicola Murino
fe953d6b38
REST API: add support for API key authentication
2021-08-17 18:08:32 +02:00
Nicola Murino
90b324d707
Add a link on the login pages to switch between admin and web client login
...
The links are hidden if only the web admin or only thw web client is
enabled and can also be controlled using the "hide_login_url" setting
Fixes #485
2021-07-27 18:43:00 +02:00
Nicola Murino
3a22aae34f
web UI: add support for upload, create dirs, rename, delete
2021-07-26 20:55:49 +02:00
Nicola Murino
ae8ccadad2
users API: add API to create, delete, rename files and directories
2021-07-23 10:19:27 +02:00
Nicola Murino
776dffcf12
kms: improve modularity
2021-07-13 21:17:21 +02:00
Nicola Murino
bd5191dfc5
add experimental plugin system
2021-07-11 15:26:51 +02:00
Nicola Murino
ff19879ffd
allow to use a persistent signing key for JWT and CSRF tokens
...
Fixes #466
2021-07-01 20:17:40 +02:00
Nicola Murino
076b2f0ee0
modules: add v2 support
2021-06-26 07:31:41 +02:00
Nicola Murino
3bb0ca1d2b
config: remove deprecated configuration keys
2021-06-19 09:47:06 +02:00
Nicola Murino
4be6307d87
webadmin: add defender page
2021-06-08 13:24:28 +02:00
Nicola Murino
feec2118bb
improve defender and quotas REST API
2021-06-07 21:52:43 +02:00