Ghost/core/server/data/schema/default-settings.json

231 lines
6.3 KiB
JSON
Raw Normal View History

{
"core": {
"db_hash": {
"defaultValue": null
},
"next_update_check": {
"defaultValue": null
},
Update Notification improvements (#9123) closes #5071 - Remove hardcoded notification in admin controller - NOTE: update check notifications are no longer blocking the admin rendering - this is one of the most import changes - we remove the hardcoded release message - we also remove adding a notification manually in here, because this will work differently from now on -> you receive a notification (release or custom) in the update check module and this module adds the notification as is to our database - Change default core settings keys - remove displayUpdateNotification -> this was used to store the release version number send from the UCS -> based on this value, Ghost creates a notification container with self defined values -> not needed anymore - rename seenNotifications to notifications -> the new notifications key will hold both 1. the notification from the USC 2. the information about if a notification was seen or not - this key hold only one release notification - and n custom notifications - Update Check Module: Request to the USC depends on the privacy configuration - useUpdateCheck: true -> does a checkin in the USC (exposes data) - useUpdateCheck: false -> does only a GET query to the USC (does not expose any data) - make the request handling dynamic, so it depends on the flag - add an extra logic to be able to define a custom USC endpoint (helpful for testing) - add an extra logic to be able to force the request to the service (helpful for testing) - Update check module: re-work condition when a check should happen - only if the env is not correct - remove deprecated config.updateCheck - remove isPrivacyDisabled check (handled differently now, explained in last commit) - Update check module: remove `showUpdateNotification` and readability - showUpdateNotification was used in the admin controller to fetch the latest release version number from the db - no need to check against semver in general, the USC takes care of that (no need to double check) - improve readability of `nextUpdateCheck` condition - Update check module: refactor `updateCheckResponse` - remove db call to displayUpdateNotification, not used anymore - support receiving multiple custom notifications - support custom notification groups - the default group is `all` - this will always be consumed - groups can be extended via config e.g. `notificationGroups: ['migration']` - Update check module: refactor createCustomNotification helper - get rid of taking over notification duplication handling (this is not the task of the update check module) - ensure we have good fallback values for non present attributes in a notification - get rid of semver check (happens in the USC) - could be reconsidered later if LTS is gone - Refactor notification API - reason: get rid of in process notification store -> this was an object hold in process -> everything get's lost after restart -> not helpful anymore, because imagine the following case -> you get a notification -> you store it in process -> you mark this notification as seen -> you restart Ghost, you will receive the same notification on the next check again -> because we are no longer have a separate seen notifications object - use database settings key `notification` instead - refactor all api endpoints to support reading and storing into the `notifications` object - most important: notification deletion happens via a `seen` property (the notification get's physically deleted 3 month automatically) -> we have to remember a seen property, because otherwise you don't know which notification was already received/seen - Add listener to remove seen notifications automatically after 3 month - i just decided for 3 month (we can decrease?) - at the end it doesn't really matter, as long as the windows is not tooooo short - listen on updates for the notifications settings - check if notification was seen and is older than 3 month - ignore release notification - Updated our privacy document - Updated docs.ghost.org for privacy config behaviour - contains a migration script to remove old settings keys
2018-01-09 17:20:00 +03:00
"notifications": {
"defaultValue": "[]"
},
"session_secret": {
"defaultValue": null
Updated theme layer to use members-ssr (#10676) * Removed support for cookies in members auth middleware no-issue The members middleware will no longer be supporting cookies, the cookie will be handled by a new middleware specific for serverside rendering, more informations can be found here: https://paper.dropbox.com/doc/Members-Auth-II-4WP4vF6coMqDYbSMIajo5 * Removed members auth middleware from site app no-issue The site app no longer needs the members auth middleware as it doesn't support cookies, and will be replaced by ssr specific middleware. https://paper.dropbox.com/doc/Members-Auth-II-4WP4vF6coMqDYbSMIajo5 * Added comment for session_secret setting no-issue We are going to have multiple concepts of sessions, so adding a comment here to be specific that this is for the Ghost Admin client * Added theme_session_secret setting dynamic default no-issue Sessions for the theme layer will be signed, so we generate a random hex string to use as a signing key * Added getPublicConfig method * Replaced export of httpHandler with POJO apiInstance no-issue This is mainly to reduce the public api, so it's easier to document. * Renamed memberUserObject -> members no-issue Simplifies the interface, and is more inline with what we would want to export as an api library. * Removed use of require options inside members no-issue This was too tight of a coupling between Ghost and Members * Simplified apiInstance definition no-issue * Added getMember method to members api * Added MembersSSR instance to members service * Wired up routes for members ssr * Updated members auth middleware to use getPublicConfig * Removed publicKey static export from members service * Used real session secret no-issue * Added DELETE /members/ssr handler no-issue This allows users to log out of the theme layer * Fixed missing code property no-issue Ignition uses the statusCode property to forward status codes to call sites * Removed superfluous error middleware no-issue Before we used generic JWT middleware which would reject, now the middleware catches it's own error and doesn't error, thus this middleware is unecessary. * Removed console.logs no-issue * Updated token expirty to hardcoded 20 minutes no-issue This returns to our previous state of using short lived tokens, both for security and simplicity. * Removed hardcoded default member settings no-issue This is no longer needed, as defaults are in default-settings.json * Removed stripe from default payment processor no-issue * Exported `getSiteUrl` method from url utils no-issue This keeps inline with newer naming conventions * Updated how audience access control works no-issue Rather than being passed a function, members api now receives an object which describes which origins have access to which audiences, and how long those tokens should be allowed to work for. It also allows syntax for default tokens where audience === origin requesting it. This can be set to undefined or null to disable this functionality. { "http://site.com": { "http://site.com": { tokenLength: '5m' }, "http://othersite.com": { tokenLength: '1h' } }, "*": { tokenLength: '30m' } } * Updated members service to use access control feature no-issue This also cleans up a lot of unecessary variable definitions, and some other minor cleanups. * Added status code to auth pages html response no-issue This was missing, probably default but better to be explicit * Updated gateway to have membersApiUrl from config no-issue Previously we were parsing the url, this was not very safe as we can have Ghost hosted on a subdomain, and this would have failed. * Added issuer to public config for members no-issue This can be used to request SSR tokens in the client * Fixed path for gateway bundle no-issue * Updated settings model tests no-issue * Revert "Removed stripe from default payment processor" This reverts commit 1d88d9b6d73a10091070bcc1b7f5779d071c7845. * Revert "Removed hardcoded default member settings" This reverts commit 9d899048ba7d4b272b9ac65a95a52af66b30914a. * Installed @tryghost/members-ssr * Fixed tests for settings model
2019-04-16 17:50:25 +03:00
},
"theme_session_secret": {
"defaultValue": null
Implemented externally verifiable identity tokens no-issue This adds two new endpoints, one at /ghost/.well-known/jwks.json for exposing a public key, and one on the canary api /identities, which allows the Owner user to fetch a JWT. This token can then be used by external services to verify the domain * Added ghost_{public,private}_key settings This key can be used for generating tokens for communicating with external services on behalf of Ghost * Added .well-known directory to /ghost/.well-known We add a jwks.json file to the .well-known directory which exposes a public JWK which can be used to verify the signatures of JWT's created by Ghost This is added to the /ghost/ path so that it can live on the admin domain, rather than the frontend. This is because most of its uses/functions will be in relation to the admin domain. * Improved settings model tests This removes hardcoded positions in favour of testing that a particular event wasn't emitted which is less brittle and more precise about what's being tested * Fixed parent app unit tests for well-known This updates the parent app unit tests to check that the well-known route is mounted. We all change proxyquire to use `noCallThru` which ensures that the ubderlying modules are not required. This stops the initialisation logic in ./well-known erroring in tests https://github.com/thlorenz/proxyquire/issues/215 * Moved jwt signature to a separate 'token' propery This structure corresponds to other resources and allows to exptend with additional properties in future if needed
2020-01-20 14:45:58 +03:00
},
"ghost_public_key": {
"defaultValue": null
},
"ghost_private_key": {
"defaultValue": null
}
},
"blog": {
"title": {
"defaultValue": "Ghost",
"validations": {
"isLength": {
"max": 150
}
}
},
"description": {
"defaultValue": "The professional publishing platform",
"validations": {
"isLength": {
"max": 200
}
}
},
"logo": {
"defaultValue": "https://static.ghost.org/v1.0.0/images/ghost-logo.svg"
},
"cover_image": {
"defaultValue": "https://static.ghost.org/v3.0.0/images/publication-cover.png"
},
"icon": {
"defaultValue": ""
},
"brand": {
"defaultValue": "{\"primaryColor\":\"\"}"
},
"default_locale": {
"defaultValue": "en",
"validations": {
"isEmpty": false
}
},
"active_timezone": {
"defaultValue": "Etc/UTC",
timezones: Always use the timezone of blog setting closes #6406 - adding timeZone Service to get the offset (=timezone reg. moment-timezone) overall available - new publishedAtOffset date as CP using timeZone service and moment-timezone to calculate offset incl. DST - removing timezone-obj transform as it became obsolete with moment-timezone - reading timezones from configuration/timezones api endpoint - adding a moment-utc transform to only work with utc times in backend - when switching the timezone in the select box, the user will be shown the local time of the selected timezone - added clock service to show actual time ticking below select box - default timezone is '(GMT) Greenwich Mean Time : Dublin, Edinburgh, London' - if no timezone is saved in the settings yet, the default value will be used - showing local time in 'Publish Date' when it's a draft and no actual publishedAt value exists - Removed the format 'DD MMM YY @ HH:mm (UTC Z)' which resolves to '01 Jan 16 @ 14:00 (UTC +02:00)' - Changing the date.js helper in core/server for moment-timezone - Fix timezone select: updates `selectedTimezone` to return the matching object from `availableTimezones` - Including timezones in test for date-helper - update to moment-timezone 0.5.1 - moving form-group of 'selectTimezone' further up so - Tests: - Set except for clock service in test env - adding fixtures to mirage - adding 'service.ajax' to navigation-test.js - adding 'service:ghostPaths' to navigation-test.js - Code improvements - Changing clockservice to ES6
2016-02-02 10:04:40 +03:00
"validations": {
"isTimezone": true,
"isEmpty": false
timezones: Always use the timezone of blog setting closes #6406 - adding timeZone Service to get the offset (=timezone reg. moment-timezone) overall available - new publishedAtOffset date as CP using timeZone service and moment-timezone to calculate offset incl. DST - removing timezone-obj transform as it became obsolete with moment-timezone - reading timezones from configuration/timezones api endpoint - adding a moment-utc transform to only work with utc times in backend - when switching the timezone in the select box, the user will be shown the local time of the selected timezone - added clock service to show actual time ticking below select box - default timezone is '(GMT) Greenwich Mean Time : Dublin, Edinburgh, London' - if no timezone is saved in the settings yet, the default value will be used - showing local time in 'Publish Date' when it's a draft and no actual publishedAt value exists - Removed the format 'DD MMM YY @ HH:mm (UTC Z)' which resolves to '01 Jan 16 @ 14:00 (UTC +02:00)' - Changing the date.js helper in core/server for moment-timezone - Fix timezone select: updates `selectedTimezone` to return the matching object from `availableTimezones` - Including timezones in test for date-helper - update to moment-timezone 0.5.1 - moving form-group of 'selectTimezone' further up so - Tests: - Set except for clock service in test env - adding fixtures to mirage - adding 'service.ajax' to navigation-test.js - adding 'service:ghostPaths' to navigation-test.js - Code improvements - Changing clockservice to ES6
2016-02-02 10:04:40 +03:00
}
},
"force_i18n": {
"defaultValue": "true",
"validations": {
"isEmpty": false,
"isIn": [["true", "false"]]
}
2013-11-21 22:44:18 +04:00
},
"permalinks": {
"defaultValue": "/:slug/",
"validations": {
"matches": "^(\/:?[a-z0-9_-]+){1,5}\/$",
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 17:16:15 +03:00
"matches": "(:id|:slug|:year|:month|:day|:author|:primary_tag|:primary_author)",
2013-11-21 22:44:18 +04:00
"notContains": "/ghost/"
}
},
"amp": {
"defaultValue" : "true",
"validations": {
"isIn": [["true", "false"]]
}
},
"ghost_head": {
"defaultValue" : ""
},
"ghost_foot": {
"defaultValue" : ""
2014-12-14 20:56:04 +03:00
},
"facebook": {
"defaultValue" : "ghost"
},
"twitter": {
"defaultValue" : "tryghost"
},
2014-12-14 20:56:04 +03:00
"labs": {
"defaultValue": "{}"
},
"navigation": {
"defaultValue": "[{\"label\":\"Home\", \"url\":\"/\"},{\"label\":\"Tag\", \"url\":\"/tag/getting-started/\"}, {\"label\":\"Author\", \"url\":\"/author/ghost/\"},{\"label\":\"Help\", \"url\":\"https://ghost.org/docs/\"}]"
},
"secondary_navigation": {
"defaultValue": "[]"
},
"slack": {
"defaultValue": "[{\"url\":\"\", \"username\":\"Ghost\"}]"
},
"unsplash": {
"defaultValue": "{\"isActive\": true}"
},
"meta_title": {
"defaultValue": null,
"validations": {
"isLength": {
"max": 300
}
}
},
"meta_description": {
"defaultValue": null,
"validations": {
"isLength": {
"max": 500
}
}
},
"og_image": {
"defaultValue": null,
"validations": {
"isLength": {
"max": 2000
}
}
},
"og_title": {
"defaultValue": null,
"validations": {
"isLength": {
"max": 300
}
}
},
"og_description": {
"defaultValue": null,
"validations": {
"isLength": {
"max": 300
}
}
},
"twitter_image": {
"defaultValue": null,
"validations": {
"isLength": {
"max": 2000
}
}
},
"twitter_title": {
"defaultValue": null,
"validations": {
"isLength": {
"max": 300
}
}
},
"twitter_description": {
"defaultValue": null,
"validations": {
"isLength": {
"max": 300
}
}
},
"shared_views": {
"defaultValue": "{}"
}
},
"theme": {
"active_theme": {
"defaultValue": "casper"
}
},
"private": {
"is_private": {
"defaultValue": "false",
"validations": {
"isIn": [["true", "false"]]
}
},
"password": {
"defaultValue": ""
},
"public_hash": {
"defaultValue": null
}
},
"members": {
"members_public_key": {
"defaultValue": null
},
"members_private_key": {
"defaultValue": null
},
"members_session_secret": {
"defaultValue": null
},
"members_email_auth_secret": {
"defaultValue": null
},
"default_content_visibility": {
"defaultValue": "public"
},
"members_subscription_settings": {
"defaultValue": "{\"fromAddress\":\"noreply\",\"allowSelfSignup\":true,\"paymentProcessors\":[{\"adapter\":\"stripe\",\"config\":{\"secret_token\":\"\",\"public_token\":\"\",\"product\":{\"name\":\"Ghost Subscription\"},\"plans\":[{\"name\":\"Monthly\",\"currency\":\"usd\",\"interval\":\"month\",\"amount\":\"\"},{\"name\":\"Yearly\",\"currency\":\"usd\",\"interval\":\"year\",\"amount\":\"\"}]}}]}"
},
"stripe_connect_integration": {
"defaultValue": "{}"
}
},
"bulk_email": {
"bulk_email_settings": {
"defaultValue": "{\"provider\":\"mailgun\", \"apiKey\": \"\", \"domain\": \"\", \"baseUrl\": \"\"}"
}
}
}