From f77ff50150e6ff5d1f2b03c4f465846d5bb49a96 Mon Sep 17 00:00:00 2001 From: vnugent Date: Fri, 7 Jun 2024 15:45:56 -0400 Subject: Squashed commit of the following: commit 8ed4663e539d9c2ea58aaad02a1fc2896956f6b6 Author: vnugent Date: Fri Jun 7 15:43:48 2024 -0400 fix: invalid chars in status cookie name commit 9d1df65d99732a68b4fe96dcc75273442cbd322f Author: vnugent Date: Thu Jun 6 21:31:30 2024 -0400 fix: Some container fixes and compatability commit 5ecd6b39cccdc9500540b10685605b5fcba61f69 Author: vnugent Date: Thu Jun 6 17:19:48 2024 -0400 Update and expose storage config for container commit 3a62bafd210a2e00d23d3df773e47011e09eba6e Author: vnugent Date: Thu Jun 6 16:18:36 2024 -0400 ci: build admin lib before building front-end commit 35920ad6c8596fc14bcfed66303511e8c249be8d Author: vnugent Date: Thu Jun 6 15:56:36 2024 -0400 ci: Local vite config, force set lib versions commit 3c228b3cc5172fae398af8de72b64bd780ace20c Author: vnugent Date: Wed Jun 5 19:55:39 2024 -0400 ci: Update packages and add container build commit 21d2719701f851d4a555c363b141f289f14a5192 Author: vnugent Date: Wed Jun 5 15:58:07 2024 -0400 fix: #1 new channel page when hitting new button commit eefba88ac4e2c70517aa71c79ed94c346f9de554 Author: vnugent Date: Wed Jun 5 15:26:15 2024 -0400 chore: Package updates commit 9eed4022a79f2cba139c9f8a359bfc8c1f9c31c5 Author: vnugent Date: Wed Jun 5 14:44:08 2024 -0400 ci: Stage blocking changes --- ci/config/CMNext.json | 44 --------- ci/config/Essentials.Accounts.json | 73 --------------- ci/config/PageRouter.json | 6 -- ci/config/SessionProvider.json | 21 ----- ci/config/config.json | 183 ------------------------------------- ci/config/routes.xml | 44 --------- 6 files changed, 371 deletions(-) delete mode 100644 ci/config/CMNext.json delete mode 100644 ci/config/Essentials.Accounts.json delete mode 100644 ci/config/PageRouter.json delete mode 100644 ci/config/SessionProvider.json delete mode 100644 ci/config/config.json delete mode 100644 ci/config/routes.xml (limited to 'ci/config') diff --git a/ci/config/CMNext.json b/ci/config/CMNext.json deleted file mode 100644 index d11a8f9..0000000 --- a/ci/config/CMNext.json +++ /dev/null @@ -1,44 +0,0 @@ -{ - //Enables debug logging - "debug": false, - - "post_endpoint": { - "path": "/api/blog/posts" - }, - - "channel_endpoint": { - "path": "/api/blog/channels" - }, - - "content_endpoint": { - "path": "/api/blog/content", - "max_content_length": 50000000 - }, - - "blog_channels": { - //The index file for storing channel configuration - "index_file_name": "blogs/channels.json" - }, - - //S3 setup with vault secrets - "disabled s3_config": { - "server_address": "", - "access_key": "", - "bucket": "", - "use_ssl": true, - "Region": null - }, - - "disabled ftp_config": { - "url": "", - "username": "", - //Base path within the ftp user's directory - "base_path": "" - }, - - "secrets": { - //Set the vault path to the s3 secret - "s3_secret": "", - "ftp_password": "" - } -} \ No newline at end of file diff --git a/ci/config/Essentials.Accounts.json b/ci/config/Essentials.Accounts.json deleted file mode 100644 index b28caf4..0000000 --- a/ci/config/Essentials.Accounts.json +++ /dev/null @@ -1,73 +0,0 @@ -{ - "debug": false, - - //endpoints - - "login_endpoint": { - "path": "/api/account/login", - "max_login_attempts": 10, //10 failed attempts in 10 minutes - "failed_attempt_timeout_sec": 600 //10 minutes - }, - - "keepalive_endpoint": { - "path": "/api/account/keepalive", - //Regen token every 10 mins along with cookies - "token_refresh_sec": 600 //10 minutes - }, - - "profile_endpoint": { - "path": "/api/account/profile" - }, - - "password_endpoint": { - "path": "/api/account/reset" - }, - - "mfa_endpoint": { - "path": "/api/account/mfa" - }, - - "logout_endpoint": { - "path": "/api/account/logout" - }, - - "pki_auth_endpoint": { - "path": "/api/account/pki", - "jwt_time_dif_sec": 30, - "max_login_attempts": 10, - "failed_attempt_timeout_sec": 600, - //Configures the PATCH and DELETE methods to update the user's stored key when logged in - "enable_key_update": true - }, - - //If mfa is defined, configures mfa enpoints and enables mfa logins - "mfa": { - "upgrade_expires_secs": 180, - "nonce_size": 64, - - //Defines totp specific arguments - "totp": { - "digits": 6, - "issuer": "CMNext", - "period_secs": 30, - "algorithm": "sha1", - "secret_size": 32, - "window_size": 2 - } - }, - - //Defines the included account provider - "account_security": { - //Time in seconds before a session is considered expired - "session_valid_for_sec": 3600, - //Path/domain for all security cookies - "cookie_domain": "", - "cookie_path": "/", - "status_cookie_name": "li", //front-end cookie name must match to detect login status - "otp_header_name": "X-Web-Token", //Front-end header name must match - "otp_time_diff_sec": 30, - "otp_key_size": 64, - "pubkey_cookie_name": "client-id", - "pubkey_signing_key_size": 32 - } -} \ No newline at end of file diff --git a/ci/config/PageRouter.json b/ci/config/PageRouter.json deleted file mode 100644 index 7d24da8..0000000 --- a/ci/config/PageRouter.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "debug": false, - "store": { - "route_file": "config/routes.xml" - } -} \ No newline at end of file diff --git a/ci/config/SessionProvider.json b/ci/config/SessionProvider.json deleted file mode 100644 index a578b0d..0000000 --- a/ci/config/SessionProvider.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - - "debug": false, - - //Provider assemblies to load - "provider_assemblies": [ "VNLib.Plugins.Sessions.VNCache.dll" ], - - //Web session provider, valid format for VNCache and also memory sessions - "web": { - //Cache system key prefix - "cache_prefix": "websessions", - //The session cookie name - "cookie_name": "VNSession", - //Size in bytes for generated session ids - "cookie_size": 40, - //time (in seconds) a session is valid for - "valid_for_sec": 3600, - //The maxium number of connections waiting for the cache server responses - "max_waiting_connections": 100 - } -} \ No newline at end of file diff --git a/ci/config/config.json b/ci/config/config.json deleted file mode 100644 index b410399..0000000 --- a/ci/config/config.json +++ /dev/null @@ -1,183 +0,0 @@ -{ - - //Host application config, config is loaded as a read-only DOM that is available - //to the host and loaded child plugins, all elements are available to plugins via the 'HostConfig' property - - "http": { - //The defaut HTTP version to being requests with (does not support http/2 yet) - "default_version": "HTTP/1.1", - //The maxium size (in bytes) of response messges that will be compressed - "compression_limit": 2048000, - //Minium response size (in bytes) to compress - "compression_minimum": 2048, - //The size of the buffer to use when parsing multipart/form data uploads - "multipart_max_buf_size": 20480, - //The maxium ammount of data (in bytes) allows for mulitpart/form data file uploads - "multipart_max_size": 80240, - //Absolute maximum size (in bytes) of the request entity body (exludes headers) - "max_entity_size": 1024000, - //Keepalive ms for HTTP1.1 keepalive connections - "keepalive_ms": 1000000, - //The buffer size to use when parsing headers (also the maxium request header size allowed) - "header_buf_size": 8128, - //The maxium number of headers allowed in an HTTP request message - "max_request_header_count": 50, - //The maxium number of allowed network connections, before 503s will be issued automatically and connections closed - "max_connections": 5000, - //The size in bytes of the buffer to use when writing response messages - "response_buf_size": 65535, - //time (in ms) to wait for a response from an active connection in recv mode, before dropping it - "recv_timeout_ms": 5000, - //Time in ms to wait for the client to accept transport data before terminating the connection - "send_timeout_ms": 60000, - //The size (in bytes) of the buffer used to store all response header data - "response_header_buf_size": 16384, - //Max number of file uploads allowed per request - "max_uploads_per_request": 10 - }, - - //Path to managed compressor library - "compression_lib": null, - - //Maximum ammount of time a request is allowed to be processed (includes loading or waiting for sessions) before operations will be cancelled and a 503 returned - "max_execution_time_ms": 20000, - - //Collection of objects to define hosts+interfaces to build server listeners from - "virtual_hosts": [ - { - //The interface to bind to, you may not mix TLS and non-TLS connections on the same interface - "interface": { - "address": "0.0.0.0", - "port": 8080 - }, - - //The directory path for files served by this endpoint - "path": "dist", - - //The hostname to listen for, "*" as wildcard, and "[system]" as the default hostname for the current machine - //"hostname": "*", - - //Or specify an array of hostnames instead, the hostnames array property takes priority over the single hostname property, each must be unique - "hostnames": [ "*" ], - - //Collection of "trusted" servers to allow proxy header support from - "downstream_servers": [], - - //Specify a list of ip addresses that are allowed to connect to the server, 403 will be returned if connections are not on this list - //whitelist works behind a trusted downstream server that supports X-Forwared-For headers - //"whitelist": [ "127.0.0.1" ], - - //A list of file extensions to deny access to, if a resource is requested and has one of the following extensions, a 404 is returned - "deny_extensions": [ ".env", ".yaml", ".cs" ], - - //The default file extensions to append to a resource that does not have a file extension - "default_files": [ "index.html" ], - - //Key-value headers object, some headers are special and are controlled by the vh processor - "headers": { - "X-Content-Type-Options": "nosniff", - "X-Xss-Protection": "1; mode=block", - "X-Frame-Options": "DENY", - "Content-Security-Policy": "default-src 'self' https://cdn.ckeditor.com 'unsafe-inline'; img-src 'self' blob: data:; frame-src 'none'; object-src 'none'; referrer no-referrer-when-downgrade; upgrade-insecure-requests; block-all-mixed-content;" - }, - - //Enables cors support for all endpoints and header controls, if false, all endpoints that are send CORS request headers will be forbidden - //"enable_cors": true, - - //Allowed cors authoriy domains - //"cors_allowed_authority": [ "localhost:8080" ], - - //Define a TLS certificate (enables TLS on the interface) - "disabled ssl": { - - //Cert may be pem or pfx (include private key in pfx, or include private key in a pem file) - "cert": "/path/to/cert.pfx|pem", - - //A pem encoded private key, REQUIRED if using a PEM certificate, may be encrypted with a password - "privkey": "/path/to/private_key.pem", - - //An optional password for the ssl private key - "password": "plain-text-password", - - //requires that any client connecting to this host present a valid certificate - "client_cert_required": false - }, - - //A list of error file objects, files are loaded into memory (and watched for changes) and returned when the specified error code occurs - "error_files": [ - /* - { - "code": 404, - "path": "404.html" - }, - */ - ], - - //The default - "cache_default_sec": 864000 - } - ], - - - //Defines the directory where plugin's are to be loaded from - "plugins": { - //Hot-reload creates collectable assemblies that allow full re-load support in the host application, should only be used for development purposes! - "hot_reload": false, - "reload_delay_sec": 2, - "path": "plugins", - "config_dir": "config" - }, - - "disabled sys_log": { - //"path": "path/to/syslog/file", - //"template": "serilog template for writing to file", - //"flush_sec": 5, - //"retained_files": 31, - //"file_size_limit": 10485760, - //"interval": "infinite" - }, - - "disabled app_log": { - //"path": "path/to/applog/file", - //"template": "serilog template for writing to file", - //"flush_sec": 5, - //"retained_files": 31, - //"file_size_limit": 10485760, - //"interval": "infinite" - }, - - //Sql for the users database - "sql": { - "db_type": "sqlite", //mysql, mssql(default), sqlite - "source": "cmnext.db" //For sqlite only - - //"hostname": "example.com", - //"username": "cmnext", - //"catalog": "cmnext", - //"min_pool_size": 5, - //"ms_security": false - }, - - //caching should be setup globally after VNCache #78a47dd - "cache":{ - //Load the vncache dll - "assembly_name": "VNLib.Data.Caching.Providers.VNCache.dll", - //Defaulting to memory only for now - "memory_only": true, - //enable memory cache - "memory_cache": { - "buckets": 20, - "bucket_size": 5000, - "max_age_sec": 600, - "refresh_interval_sec": 60, - "zero_all": false, - "max_object_size": 8128 - } - }, - - //Global secrets object, used by the host and pluings for a specialized secrets - "secrets": { - //"db_password": "" - "passwords": "yourbase64passwordsecret" - } -} diff --git a/ci/config/routes.xml b/ci/config/routes.xml deleted file mode 100644 index 49d9553..0000000 --- a/ci/config/routes.xml +++ /dev/null @@ -1,44 +0,0 @@ - - - - - - - - - - - * - - - /assets/* - - - - - - - * - - - /* - - - / - - - - - \ No newline at end of file -- cgit