Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[feature] Start adding advanced configuration options, starting with …
…`samesite` (#628)
* fix incorrect port being used for db
* start adding advanced config flags
* use samesite lax by default
1 parent 265b680, commit 327d3f0
Showing 11 changed files with 135 additions and 18 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
# Advanced | ||
|
||
Advanced settings options are provided for the sake of allowing admins to tune their instance to their liking. | ||
|
||
These are set to sensible defaults, so most server admins won't need to touch them or think about them. | ||
|
||
**Changing these settings if you don't know what you're doing may break your instance**. | ||
|
||
## Settings | ||
|
||
```yaml | ||
############################# | ||
##### ADVANCED SETTINGS ##### | ||
############################# | ||
|
||
# Advanced settings pertaining to http timeouts, security, cookies, and more. | ||
# | ||
# ONLY ADJUST THESE SETTINGS IF YOU KNOW WHAT YOU ARE DOING! | ||
# | ||
# Most users will not need to (and should not) touch these settings, since | ||
# they are set to sensible defaults, and may break if they are changed. | ||
# | ||
# Nevertheless, they are provided for the sake of allowing server admins to | ||
# tweak their instance for performance or security reasons. | ||
|
||
# String. Value of the SameSite attribute of cookies set by GoToSocial. | ||
# Defaults to 'lax' to ensure that the OIDC flow does not break, which is | ||
# fine in most cases. If you want to harden your instance against CSRF attacks | ||
# and don't mind if some login-related things might break, you can set this | ||
# to 'strict' instead. | ||
# | ||
# For an overview of what this does, see: | ||
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite | ||
# | ||
# Options: ["lax", "strict"] | ||
# Default: "lax" | ||
advanced-cookies-samesite: "lax" | ||
``` |
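Review bot: In the comment above `advanced-cookies-samesite`, "some login-related things might break" is too vague for an admin deciding whether to switch to 'strict'. The same comment already gives the OIDC flow as the reason for the 'lax' default, so say directly that 'strict' is expected to break OIDC login rather than leaving the reader to infer it. The docs also list `Options: ["lax", "strict"]` without saying what happens when another value is configured (for example "none" or a typo); please state whether startup fails or the default is applied.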