* feat: Add support for Docker Swarm style secrets
* fix: Handle empty-string env values and bare _FILE key in resolveFileSecrets
Use undefined check instead of truthiness so empty-string values are
treated as "already set" and not overridden by _FILE variants. Skip
processing when the key is exactly "_FILE" to avoid creating an
empty-key entry.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: Add support for configurable proxy IP header in environment settings
* Update server/env.ts
Remove mention of Koa from docs
Co-authored-by: Tom Moor <tom.moor@gmail.com>
* Update .env.sample
Remove mention of Koa from env sample.
Co-authored-by: Tom Moor <tom.moor@gmail.com>
---------
Co-authored-by: Tom Moor <tom.moor@gmail.com>
* OAuth
* store logo
* unfurl support
* refresh token
* support for list
* embed list
* mention menu for all embeds in a list
* multi-level list
* logo
* account level connection
* tsc
* Update Icon.tsx
* coderabbit feedback
* RFC 6749 suggestion
---------
Co-authored-by: Tom Moor <tom@getoutline.com>
* Add SMTP_SERVICE environment variable for well-known services
* Fix PR #8777: Restore code in teams.ts and users.ts
* The rest of the work
* fix validation
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom.moor@gmail.com>
* Add Discord Provider Prototype
* Add Discord Logo
* Add Plugin to Plugin Manager
* fixed discord auth support and added icon
* add csv role verification
* grab discord server icon and test server id and roles
* subdomain derived from server name
* use discord server specific nickname if available
* Cleanup and comment
* move discord api types to dev deps
* cleanup of server vs default params
* remove commented out lines
* revert envv.development
* revert in vscode
* update yarn lock
* add gif support for discord server icon
* add comment with docs link
* add env section for discord
* fix errors and clarify env
* add new cannot use without
* fix suggestions
* Separate environment configs
* wip
* wip
* test
* plugins
* test
* test
* .sequelizerc, unfortunately can't go through /utils/environment due to not supporting TS
* docker-compose -> docker compose
* fix: .local wipes .development
* Add custom validation message for invalid SECRET_KEY (often confused)
* feat: Put request rate limit at application server
This PR contains implementation for a blanket rate limiter at
application server level. Currently the allowed throughput is set high
only to be changed later as per the actual data gathered.
* Simplify implementation
1. Remove shutdown handler to purge rate limiter keys
2. Have separate keys for default and custom(route-based) rate limiters
3. Do not kill default rate limiter because it is not needed anymore due
to (2) above
* Set 60s as default for rate limiting window
* Fix env types
Fixes#3412
Previously the only way to restrict the domains for a Team were with the ALLOWED_DOMAINS environment variable for self hosted instances.
This PR migrates this to be a database backed setting on the Team object. This is done through the creation of a TeamDomain model that is associated with the Team and contains the domain name
This settings is updated on the Security Tab. Here domains can be added or removed from the Team.
On the server side, we take the code paths that previously were using ALLOWED_DOMAINS and switched them to use the Team allowed domains instead
* feat: Normalize logging
* Remove scattered console.error + Sentry.captureException
* Remove mention of debug
* cleanup dev output
* Edge cases, docs
* Refactor: Move logger, metrics, sentry under 'logging' folder.
Trying to reduce the amount of things under generic 'utils'
* cleanup, last few console calls
Tom Moor