jackson/.env.example

# Jackson settings
# Change this to your deployment public URL
EXTERNAL_URL=http://localhost:5225
SAML_AUDIENCE=https://saml.boxyhq.com
JACKSON_API_KEYS="secret"
ADMIN_PORTAL_SSO_TENANT="_jackson_boxyhq"
ADMIN_PORTAL_SSO_PRODUCT="_jackson_admin_portal"
IDP_ENABLED=
PRE_LOADED_CONNECTION=
CLIENT_SECRET_VERIFIER=
# Database settings
DB_ENGINE=sql
DB_URL=postgres://postgres:postgres@localhost:5432/postgres
DB_TYPE=postgres
DB_TTL=300
DB_CLEANUP_LIMIT=1000
DB_PAGE_LIMIT=50
# You can use openssl to generate a random 32 character key: openssl rand -base64 24
DB_ENCRYPTION_KEY=
# Uncomment below if you wish to run DB migrations manually.
#DB_MANUAL_MIGRATION=true
# Admin Portal settings
# SMTP details for Magic Links
SMTP_HOST=
SMTP_PORT=
SMTP_USER=
SMTP_PASSWORD=
SMTP_FROM=
# Access Control for Magic Links. Set this to a comma separated string of email addresses
# or glob patterns like: `tonystark@gmail.com,*@marvel.com`.
# Access will be denied to email addresses which don't match. If you don't specify any value access is denied to all.
NEXTAUTH_ACL=
# Change this to your deployment public URL (https://next-auth.js.org/configuration/options#nextauth_url)
NEXTAUTH_URL=http://localhost:5225
# Change this to a real secret when deploying to production
# You can use openssl to generate a secret key: openssl rand -base64 32
NEXTAUTH_SECRET=secret
# Admin credentials (In the format email:password. Comma separated values if you want multiple logins). Alternative to Magic Links.
NEXTAUTH_ADMIN_CREDENTIALS=
# Admin Portal for Retraced (Audit Logs)
RETRACED_HOST_URL=
RETRACED_EXTERNAL_URL=
RETRACED_ADMIN_ROOT_TOKEN=
# Admin Portal for Terminus (Privacy Vault)
TERMINUS_PROXY_HOST_URL=
TERMINUS_ADMIN_ROOT_TOKEN=
# OpenTelemetry
OTEL_EXPORTER_OTLP_METRICS_ENDPOINT=
OTEL_EXPORTER_OTLP_METRICS_HEADERS=
# If you want to use grpc
# OTEL_EXPORTER_OTLP_METRICS_PROTOCOL=grpc
# If you have any issues with using the otel exporter and want to enable debug logs
# OTEL_EXPORTER_DEBUG=true
# JWS Algorithm to be used for signing e.g., RS256
# https://github.com/panva/jose/issues/114#digital-signatures
OPENID_JWS_ALG=
# JWT signing keys
# Generate keys: https://www.scottbrady91.com/openssl/creating-rsa-keys-using-openssl,
# Load into env: https://developer.vonage.com/blog/20/07/29/using-private-keys-in-environment-variables
# openssl genrsa -out private-key.pem 3072
# convert to pkcs8 format: openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in private-key.pem -out private_key.pem
# cat private_key.pem | base64
OPENID_RSA_PRIVATE_KEY=
# openssl rsa -in private_key.pem -pubout -out public_key.pem
# cat public_key.pem | base64
OPENID_RSA_PUBLIC_KEY=
# You can use `openssl req -x509 -newkey rsa:2048 -keyout key.pem -out public.crt -sha256 -days 365000 -nodes` to generate one
# Base64 encoded value of public key `cat public.crt | base64`
PUBLIC_KEY=
# Base64 encoded value of private key `cat key.pem | base64`
PRIVATE_KEY=
# To enable enterprise-only features, fill your license key in here.
BOXYHQ_LICENSE_KEY=
# To turn off our anonymous analytics uncomment the line below
#BOXYHQ_NO_ANALYTICS=1
# Set Webhook URL and secret to enable webhook notifications
WEBHOOK_URL=
WEBHOOK_SECRET=
# Directory sync webhook event batch size (Eg: 50)
DSYNC_WEBHOOK_BATCH_SIZE=
DSYNC_WEBHOOK_BATCH_CRON_INTERVAL=
# Google workspace directory sync
DSYNC_GOOGLE_CLIENT_ID=
DSYNC_GOOGLE_CLIENT_SECRET=
DSYNC_GOOGLE_CRON_INTERVAL=
# Only applicable for BoxyHQ SaaS deployments
BOXYHQ_HOSTED=0
# Setup link expiry in days
SETUP_LINK_EXPIRY_DAYS=3
# Ory integration. You need BOXYHQ_LICENSE_KEY to be set to use this.
ENTERPRISE_ORY_SDK_TOKEN=
ENTERPRISE_ORY_PROJECT_ID=
# Uncomment below if you wish to opt-out of sending `profile` scope in OIDC Provider Authorization Request
#OPENID_REQUEST_PROFILE_SCOPE=false
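
A pre-deploy check for the placeholder values this template ships with, as an added example that is not part of the Jackson repository. `env_get` and `audit_env` are hypothetical helper names, the sample file is constructed, and treating a bare `*` or `*@*` entry in `NEXTAUTH_ACL` as matching every address is an assumption about the glob matching.

```shell
#!/bin/sh
# Added example (not Jackson code): audit a deployment .env for values that
# were copied unchanged from .env.example.

# env_get FILE KEY: print the value of the last uncommented KEY= line,
# with one pair of surrounding quotes removed. Prints nothing if KEY is absent.
env_get() {
  sed -n "s/^$2=//p" "$1" | tail -n 1 |
    sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# audit_env FILE: print one "KEY: reason" line per finding.
# Exit status 0 when the file is clean, 1 when there is at least one finding.
# The body runs in a subshell so IFS, set -f and the helper stay local.
audit_env() (
  file=$1
  count=0
  flag() { count=$((count + 1)); printf '%s: %s\n' "$1" "$2"; }

  # Secrets that the template sets to the literal string "secret".
  for key in NEXTAUTH_SECRET JACKSON_API_KEYS; do
    val=$(env_get "$file" "$key")
    case $val in
      ''|secret) flag "$key" "unset or still the template placeholder" ;;
    esac
  done

  # The template asks for a random 32 character key (openssl rand -base64 24).
  val=$(env_get "$file" DB_ENCRYPTION_KEY)
  [ "${#val}" -eq 32 ] || flag DB_ENCRYPTION_KEY "expected 32 characters, found ${#val}"

  # Both URLs must be changed to the deployment public URL.
  for key in EXTERNAL_URL NEXTAUTH_URL; do
    val=$(env_get "$file" "$key")
    case $val in
      ''|*://localhost*|*://127.0.0.1*) flag "$key" "not set to the deployment public URL" ;;
    esac
  done

  # An empty ACL denies everyone; a catch-all glob is assumed to admit everyone.
  acl=$(env_get "$file" NEXTAUTH_ACL)
  IFS=,
  set -f                      # keep the shell from expanding the globs itself
  for entry in $acl; do
    case $entry in
      '*'|'*@*') flag NEXTAUTH_ACL "pattern '$entry' admits every address" ;;
    esac
  done

  [ "$count" -eq 0 ]
)

# Constructed sample: a deployment file that kept several template defaults.
sample=$(mktemp)
cat >"$sample" <<'EOF'
EXTERNAL_URL=http://localhost:5225
JACKSON_API_KEYS="secret"
DB_ENCRYPTION_KEY=
NEXTAUTH_URL=https://sso.example.test
NEXTAUTH_SECRET=secret
NEXTAUTH_ACL=tonystark@gmail.com,*
EOF
audit_env "$sample" || echo "fix the findings above before deploying"
rm -f "$sample"
```

Run it in CI against the rendered environment file and fail the pipeline on a non-zero status from `audit_env`.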