Some OAuth providers (like Mastodon) do not use the default
"read_user" scope, instead offering a custom scope. The config.ini
for generic OAuth now contains a "scope" field, allowing the admin
to set the scope manually (it defaults to "read_user" if blank).
Some WriteFreely instances are completely private, and thus have no need for public-
oriented features like Web Monetization. Like federation, this gives admins control
over whether or not the feature is enabled for users.
Ref T773
When setting `notes_only = true` in the `[app]` configuration section, WF will only send out `Note` objects. Otherwise, it will send out both `Note`s and `Article`s.
This moves logic for determining whether or not to show a "Sign up" page
on /signup (i.e. because the `/` route shows another, non-signup page)
into the AppCfg.SignupPath() method. It also changes various signup
links to use this value.
This adds gopher support to WriteFreely -- both single- and multi-user
instances. It is off by default, but can be enabled with the new
`gopher_port` config value in the `[server]` section.
When enabled, multi-user instances will show all public blogs at
gopher://[host]:[gopher_port]/ -- otherwise, blogs are accessible at
gopher://[host]:[gopher_port]/[blog]/
This is just a proof of concept for now. We still need to handle some
edge cases and different configurations, like private instances.
Ref T559
This adds a new config option that signifies the admin doesn't need to
see deeply technical things, like application resource usage. In the
[app] section, set forest = true to enable this.
Ref T694
includes cache of latest version and page to view if updates are
available with a link to the latest update's release notes and a link to
check for the latest update now, refreshing the cache manually.
This adds a new config value: `chorus` that signifies an instance is
more about the Reader view than individual blogs / writers. When
enabled, user navigation will show on all pages, including About,
Reader, and Privacy (ref T680).
It also uses different collection templates that keep the instance-wide
navigation at the top of the page, instead of the author's name --
again, branded more for the collective than the individual.
Ref T681
This adds a new `wf_modesty` config option that removes the copious
mentions of WriteFreely in places like the About page and site
footers.
WriteFreely remains boastful and bumptious by default; but enabling
the modesty option will tone it down and likely lead to less confusion
among average users.
Ref T676
This adds a new "Secure (port 443), auto certificate" option to the "Web
server mode" prompt when running `writefreely --config`. When chosen,
it'll set `autocert` to `true` and set the path for certs and keys to
`certs`.
Ref T542
This adds a new config option in the `[server]` section: `autocert`.
When true, WF will automatically generate certificates instead of using
ones from the provided cert path. However, all generated certificates
will be stored in the configured `tls_cert_path`.
Ref T542
Use the split argument list (slice) just for validation purposes
as it's substantially easier to do `.contains` in a string instead
of a slice. As such, pass the `configSections` arguments to
`Configure()` and check the existence of each one before showing
the options to the user.
An empty argument list is replaced by "server db app" so everything
is there negating the need to check anything else in `Configure()`.
In the same vein the default is "server db app".
The parsing is done in `app.go` alongside the other flags instead
of `main.go` as described in T657.
Add --sections flag to app.go according to T657, parse them
into a string array (check for invalid arguments and abort)
and pass them to Configure(). For now Configure() doesn't do
anything with them yet.
This is the start of all changes needed to support entirely private
instances, where all blogs are only visible to other authenticated users
on an instance (ref T576). It begins by changing how Handler methods check an
endpoint's permissions.
- Renames UserLevelLEVEL consts to UserLevelLEVELType
- Adds UserLevelLEVEL funcs with same names as previous consts. Each
returns a UserLevel
- Adds a new UserLevelReader that restricts access based on app
configuration. This is now used on collections and posts.
- Changes routing a bit so static files are always accessible
This adds a new `landing` value in the [app] section of config.ini.
If non-empty, unauthenticated users on multi-user instances will be
redirected to the path given there.
This closes T574
This adds a new `landing` value in the [app] section of config.ini.
If non-empty, unauthenticated users on multi-user instances will be
redirected to the path given there.
This closes T574
This adds new configuration values that specify the parent directory of
application resources:
- templates_parent_dir
- static_parent_dir
- pages_parent_dir
- keys_parent_dir
For any values not specified, the application will default to the
current directory.
This closes T560
This adds new configuration values that specify the parent directory of
application resources:
- templates_parent_dir
- static_parent_dir
- pages_parent_dir
- keys_parent_dir
For any values not specified, the application will default to the
current directory.
This closes T560
This includes:
- A new `user_invites` config value that determines who can generate
invite links
- A new page for generating invite links, with new user navigation link
- A new /invite/ path that allows anyone to sign up via unique invite
link, even if registrations are closed
- Tracking who (of registered users) has been invited by whom
It requires an updated database with `writefreely --migrate` in order to
work.
This closes T556
This adds a "Reader" section of the site for admins who want to enable
it for their instance. That means visitors can go to /read and see who
has publicly shared their writing. They can also follow all public posts
via RSS by going to /read/feed/. Writers on an instance with this
`local_timeline` setting enabled can publish to the timeline by going
into their blog settings and choosing the "Public" visibility setting.
The `local_timeline` feature is disabled by default, as is the Public
setting on writer blogs. Enabling it adds a "Reader" navigation item and
enables the reader endpoints. This feature will also consume more
memory, as public posts are cached in memory for 10 minutes.
These changes include code ported over from Read.Write.as, and thus
include some experimental features like filtering public posts by tags
and authors. These features aren't well-tested or complete.
Closes T554
This allows users to load a different configuration file instead of the
default config.ini. It works in combination with other configuration
actions, like --config and --create-config.