From c29b70f5e13d888cda63607140772c11437cf394 Mon Sep 17 00:00:00 2001 From: Xinecraft Date: Thu, 12 Dec 2024 17:14:08 +0530 Subject: [PATCH] config update --- .env.example | 6 +++++- config/app.php | 12 +++++++++--- config/auth.php | 8 ++++---- config/cache.php | 14 +++++++------ config/database.php | 48 +++++++++++++++++++++++++++++++++------------ config/hashing.php | 21 ++++++++++++++++---- config/logging.php | 13 ++++++++++-- config/queue.php | 35 ++++++++++++++++++++++++--------- config/sanctum.php | 17 ++++++++++++++++ config/services.php | 13 +++++++++++- config/session.php | 31 +++++++++++++++++++++-------- 11 files changed, 167 insertions(+), 51 deletions(-) diff --git a/.env.example b/.env.example index 60b1f4b9e..019970235 100644 --- a/.env.example +++ b/.env.example @@ -10,6 +10,10 @@ APP_THEME=default # Pulse dashboard for health monitoring PULSE_ENABLED=false +APP_MAINTENANCE_DRIVER=file +PHP_CLI_SERVER_WORKERS=4 +BCRYPT_ROUNDS=12 + # Dont enable on production APP_DEBUG=false DEBUGBAR_ENABLED=false @@ -21,7 +25,7 @@ APP_URL=http://localhost # Database,redis,smtp etc config is moved at last inorder to prevent accential leak during screenshare # Laravel Drivers -CACHE_DRIVER=redis +CACHE_STORE=redis QUEUE_CONNECTION=redis SESSION_DRIVER=database SESSION_LIFETIME=120 diff --git a/config/app.php b/config/app.php index 9d4be75ec..5badf59a9 100644 --- a/config/app.php +++ b/config/app.php @@ -28,7 +28,7 @@ | */ - 'version' => '6.3.0', + 'version' => '7.0.0', /* |-------------------------------------------------------------------------- @@ -162,6 +162,12 @@ 'cipher' => 'AES-256-CBC', + 'previous_keys' => [ + ...array_filter( + explode(',', env('APP_PREVIOUS_KEYS', '')) + ), + ], + /* |-------------------------------------------------------------------------- | Maintenance Mode Driver @@ -176,8 +182,8 @@ */ 'maintenance' => [ - 'driver' => 'file', - // 'store' => 'redis', + 'driver' => env('APP_MAINTENANCE_DRIVER', 'file'), + 'store' => env('APP_MAINTENANCE_STORE', 'database'), ], /* diff --git a/config/auth.php b/config/auth.php index eece6fac2..e572bb791 100644 --- a/config/auth.php +++ b/config/auth.php @@ -14,8 +14,8 @@ */ 'defaults' => [ - 'guard' => 'web', - 'passwords' => 'users', + 'guard' => env('AUTH_GUARD', 'web'), + 'passwords' => env('AUTH_PASSWORD_BROKER', 'users'), ], /* @@ -100,7 +100,7 @@ 'passwords' => [ 'users' => [ 'provider' => 'users', - 'table' => 'password_resets', + 'table' => env('AUTH_PASSWORD_RESET_TOKEN_TABLE', 'password_reset_tokens'), 'expire' => 60, 'throttle' => 60, ], @@ -117,7 +117,7 @@ | */ - 'password_timeout' => 10800, + 'password_timeout' => env('AUTH_PASSWORD_TIMEOUT', 10800), /* |-------------------------------------------------------------------------- diff --git a/config/cache.php b/config/cache.php index 33bb29546..2cbbf2af4 100644 --- a/config/cache.php +++ b/config/cache.php @@ -15,7 +15,7 @@ | */ - 'default' => env('CACHE_DRIVER', 'file'), + 'default' => env('CACHE_STORE', 'redis'), /* |-------------------------------------------------------------------------- @@ -44,14 +44,16 @@ 'database' => [ 'driver' => 'database', - 'table' => 'cache', - 'connection' => null, - 'lock_connection' => null, + 'connection' => env('DB_CACHE_CONNECTION'), + 'table' => env('DB_CACHE_TABLE', 'cache'), + 'lock_connection' => env('DB_CACHE_LOCK_CONNECTION'), + 'lock_table' => env('DB_CACHE_LOCK_TABLE'), ], 'file' => [ 'driver' => 'file', 'path' => storage_path('framework/cache/data'), + 'lock_path' => storage_path('framework/cache/data'), ], 'memcached' => [ @@ -75,8 +77,8 @@ 'redis' => [ 'driver' => 'redis', - 'connection' => 'cache', - 'lock_connection' => 'default', + 'connection' => env('REDIS_CACHE_CONNECTION', 'cache'), + 'lock_connection' => env('REDIS_CACHE_LOCK_CONNECTION', 'default'), ], 'dynamodb' => [ diff --git a/config/database.php b/config/database.php index 6ad098c01..9aa850881 100644 --- a/config/database.php +++ b/config/database.php @@ -1,6 +1,5 @@ [ 'driver' => 'sqlite', - 'url' => env('DATABASE_URL'), + 'url' => env('DB_URL'), 'database' => env('DB_DATABASE', database_path('database.sqlite')), 'prefix' => '', 'foreign_key_constraints' => env('DB_FOREIGN_KEYS', true), + 'busy_timeout' => null, + 'journal_mode' => null, + 'synchronous' => null, ], 'mysql' => [ 'driver' => 'mysql', - 'url' => env('DATABASE_URL'), + 'url' => env('DB_URL'), + 'host' => env('DB_HOST', '127.0.0.1'), + 'port' => env('DB_PORT', '3306'), + 'database' => env('DB_DATABASE', 'minetrax'), + 'username' => env('DB_USERNAME', 'root'), + 'password' => env('DB_PASSWORD', ''), + 'unix_socket' => env('DB_SOCKET', ''), + 'charset' => env('DB_CHARSET', 'utf8mb4'), + 'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'), + 'prefix' => '', + 'prefix_indexes' => true, + 'strict' => true, + 'engine' => null, + 'options' => extension_loaded('pdo_mysql') ? array_filter([ + PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA'), + ]) : [], + 'dump' => [ + 'timeout' => 60 * 30, // 30 minute timeout + ], + ], + + 'mariadb' => [ + 'driver' => 'mariadb', + 'url' => env('DB_URL'), 'host' => env('DB_HOST', '127.0.0.1'), 'port' => env('DB_PORT', '3306'), 'database' => env('DB_DATABASE', 'minetrax'), 'username' => env('DB_USERNAME', 'root'), 'password' => env('DB_PASSWORD', ''), 'unix_socket' => env('DB_SOCKET', ''), - 'charset' => 'utf8mb4', - 'collation' => 'utf8mb4_unicode_ci', + 'charset' => env('DB_CHARSET', 'utf8mb4'), + 'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'), 'prefix' => '', 'prefix_indexes' => true, 'strict' => true, @@ -110,7 +135,10 @@ | */ - 'migrations' => 'migrations', + 'migrations' => [ + 'table' => 'migrations', + 'update_date_on_publish' => true, + ], /* |-------------------------------------------------------------------------- @@ -129,7 +157,7 @@ 'options' => [ 'cluster' => env('REDIS_CLUSTER', 'redis'), - 'prefix' => env('REDIS_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_database_'), + 'prefix' => env('REDIS_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_') . '_database_'), ], 'default' => [ @@ -151,10 +179,4 @@ ], ], - - 'dbal' => [ - 'types' => [ - 'timestamp' => TimestampType::class, - ], - ], ]; diff --git a/config/hashing.php b/config/hashing.php index bcd3be4c2..1bf40c301 100644 --- a/config/hashing.php +++ b/config/hashing.php @@ -29,7 +29,8 @@ */ 'bcrypt' => [ - 'rounds' => env('BCRYPT_ROUNDS', 10), + 'rounds' => env('BCRYPT_ROUNDS', 12), + 'verify' => env('HASH_VERIFY', true), ], /* @@ -44,9 +45,21 @@ */ 'argon' => [ - 'memory' => 65536, - 'threads' => 1, - 'time' => 4, + 'memory' => env('ARGON_MEMORY', 65536), + 'threads' => env('ARGON_THREADS', 1), + 'time' => env('ARGON_TIME', 4), + 'verify' => env('HASH_VERIFY', true), ], + /* + |-------------------------------------------------------------------------- + | Rehash On Login + |-------------------------------------------------------------------------- + | + | Setting this option to true will tell Laravel to automatically rehash + | the user's password during login if the configured work factor for + | the algorithm has changed, allowing graceful upgrades of hashes. + | + */ + 'rehash_on_login' => true, ]; diff --git a/config/logging.php b/config/logging.php index 3b00521d8..b2a4fc71b 100644 --- a/config/logging.php +++ b/config/logging.php @@ -3,6 +3,7 @@ use Monolog\Handler\NullHandler; use Monolog\Handler\StreamHandler; use Monolog\Handler\SyslogUdpHandler; +use Monolog\Processor\PsrLogMessageProcessor; return [ @@ -32,7 +33,7 @@ 'deprecations' => [ 'channel' => env('LOG_DEPRECATIONS_CHANNEL', 'null'), - 'trace' => false, + 'trace' => env('LOG_DEPRECATIONS_TRACE', false), ], /* @@ -61,12 +62,14 @@ 'driver' => 'single', 'path' => storage_path('logs/laravel.log'), 'level' => env('LOG_LEVEL', 'debug'), + 'replace_placeholders' => true, ], 'daily' => [ 'driver' => 'daily', 'path' => storage_path('logs/laravel.log'), 'level' => env('LOG_LEVEL', 'debug'), + 'replace_placeholders' => true, 'days' => 14, ], @@ -76,6 +79,7 @@ 'username' => 'Laravel Log', 'emoji' => ':boom:', 'level' => env('LOG_LEVEL', 'critical'), + 'replace_placeholders' => true, ], 'papertrail' => [ @@ -85,8 +89,9 @@ 'handler_with' => [ 'host' => env('PAPERTRAIL_URL'), 'port' => env('PAPERTRAIL_PORT'), - 'connectionString' => 'tls://' . env('PAPERTRAIL_URL') . ':' . env('PAPERTRAIL_PORT'), + 'connectionString' => 'tls://'.env('PAPERTRAIL_URL').':'.env('PAPERTRAIL_PORT'), ], + 'processors' => [PsrLogMessageProcessor::class], ], 'stderr' => [ @@ -97,16 +102,20 @@ 'with' => [ 'stream' => 'php://stderr', ], + 'processors' => [PsrLogMessageProcessor::class], ], 'syslog' => [ 'driver' => 'syslog', 'level' => env('LOG_LEVEL', 'debug'), + 'facility' => env('LOG_SYSLOG_FACILITY', LOG_USER), + 'replace_placeholders' => true, ], 'errorlog' => [ 'driver' => 'errorlog', 'level' => env('LOG_LEVEL', 'debug'), + 'replace_placeholders' => true, ], 'null' => [ diff --git a/config/queue.php b/config/queue.php index 05805b7a3..f9b79cf42 100644 --- a/config/queue.php +++ b/config/queue.php @@ -36,17 +36,18 @@ 'database' => [ 'driver' => 'database', - 'table' => 'jobs', - 'queue' => 'default', - 'retry_after' => 90, + 'connection' => env('DB_QUEUE_CONNECTION'), + 'table' => env('DB_QUEUE_TABLE', 'jobs'), + 'queue' => env('DB_QUEUE', 'default'), + 'retry_after' => (int) env('DB_QUEUE_RETRY_AFTER', 90), 'after_commit' => false, ], 'beanstalkd' => [ 'driver' => 'beanstalkd', - 'host' => 'localhost', - 'queue' => 'default', - 'retry_after' => 90, + 'host' => env('BEANSTALKD_QUEUE_HOST', 'localhost'), + 'queue' => env('BEANSTALKD_QUEUE', 'default'), + 'retry_after' => (int) env('BEANSTALKD_QUEUE_RETRY_AFTER', 90), 'block_for' => 0, 'after_commit' => false, ], @@ -64,16 +65,16 @@ 'redis' => [ 'driver' => 'redis', - 'connection' => 'default', + 'connection' => env('REDIS_QUEUE_CONNECTION', 'default'), 'queue' => env('REDIS_QUEUE', 'default'), - 'retry_after' => 90, + 'retry_after' => (int) env('REDIS_QUEUE_RETRY_AFTER', 90), 'block_for' => null, 'after_commit' => false, ], 'redis-longtask' => [ 'driver' => 'redis', - 'connection' => 'default', + 'connection' => env('REDIS_QUEUE_CONNECTION', 'default'), 'queue' => 'longtask', 'retry_after' => 3660, // 1 hour + 1 min 'block_for' => null, @@ -82,6 +83,22 @@ ], + /* + |-------------------------------------------------------------------------- + | Job Batching + |-------------------------------------------------------------------------- + | + | The following options configure the database and table that store job + | batching information. These options can be updated to any database + | connection and table which has been defined by your application. + | + */ + + 'batching' => [ + 'database' => env('DB_CONNECTION', 'mysql'), + 'table' => 'job_batches', + ], + /* |-------------------------------------------------------------------------- | Failed Queue Jobs diff --git a/config/sanctum.php b/config/sanctum.php index 529cfdc99..8b44ca33b 100644 --- a/config/sanctum.php +++ b/config/sanctum.php @@ -48,6 +48,21 @@ 'expiration' => null, + /* + |-------------------------------------------------------------------------- + | Token Prefix + |-------------------------------------------------------------------------- + | + | Sanctum can prefix new tokens in order to take advantage of numerous + | security scanning initiatives maintained by open source platforms + | that notify developers if they commit tokens into repositories. + | + | See: https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning + | + */ + + 'token_prefix' => env('SANCTUM_TOKEN_PREFIX', ''), + /* |-------------------------------------------------------------------------- | Sanctum Middleware @@ -60,7 +75,9 @@ */ 'middleware' => [ + 'authenticate_session' => Laravel\Sanctum\Http\Middleware\AuthenticateSession::class, 'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class, + 'validate_csrf_token' => Illuminate\Foundation\Http\Middleware\ValidateCsrfToken::class, 'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class, ], diff --git a/config/services.php b/config/services.php index 797e85d19..b1df96381 100644 --- a/config/services.php +++ b/config/services.php @@ -31,6 +31,17 @@ 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), ], + 'resend' => [ + 'key' => env('RESEND_KEY'), + ], + + 'slack' => [ + 'notifications' => [ + 'bot_user_oauth_token' => env('SLACK_BOT_USER_OAUTH_TOKEN'), + 'channel' => env('SLACK_BOT_USER_DEFAULT_CHANNEL'), + ], + ], + 'github' => [ 'oauth_enabled' => env('GITHUB_OAUTH_ENABLED'), 'client_id' => env('GITHUB_CLIENT_ID'), @@ -66,7 +77,7 @@ 'redirect' => env('DISCORD_REDIRECT_URI'), // optional - 'allow_gif_avatars' => (bool)env('DISCORD_AVATAR_GIF', true), + 'allow_gif_avatars' => (bool) env('DISCORD_AVATAR_GIF', true), 'avatar_default_extension' => env('DISCORD_EXTENSION_DEFAULT', 'jpg'), // only pick from jpg, png, webp // bot diff --git a/config/session.php b/config/session.php index cbcaf0b47..a4cd1c4e4 100644 --- a/config/session.php +++ b/config/session.php @@ -33,7 +33,7 @@ 'lifetime' => env('SESSION_LIFETIME', 120), - 'expire_on_close' => false, + 'expire_on_close' => env('SESSION_EXPIRE_ON_CLOSE', false), /* |-------------------------------------------------------------------------- @@ -46,7 +46,7 @@ | */ - 'encrypt' => false, + 'encrypt' => env('SESSION_ENCRYPT', false), /* |-------------------------------------------------------------------------- @@ -85,7 +85,7 @@ | */ - 'table' => 'sessions', + 'table' => env('SESSION_TABLE', 'sessions'), /* |-------------------------------------------------------------------------- @@ -128,7 +128,7 @@ 'cookie' => env( 'SESSION_COOKIE', - Str::slug(env('APP_NAME', 'laravel'), '_').'_session' + Str::slug(env('APP_NAME', 'laravel'), '_') . '_session' ), /* @@ -142,7 +142,7 @@ | */ - 'path' => '/', + 'path' => env('SESSION_PATH', '/'), /* |-------------------------------------------------------------------------- @@ -181,7 +181,7 @@ | */ - 'http_only' => true, + 'http_only' => env('SESSION_HTTP_ONLY', true), /* |-------------------------------------------------------------------------- @@ -190,12 +190,27 @@ | | This option determines how your cookies behave when cross-site requests | take place, and can be used to mitigate CSRF attacks. By default, we - | will set this value to "lax" since this is a secure default value. + | will set this value to "lax" to permit secure cross-site requests. + | + | See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#samesitesamesite-value | | Supported: "lax", "strict", "none", null | */ - 'same_site' => 'lax', + 'same_site' => env('SESSION_SAME_SITE', 'lax'), + + /* + |-------------------------------------------------------------------------- + | Partitioned Cookies + |-------------------------------------------------------------------------- + | + | Setting this value to true will tie the cookie to the top-level site for + | a cross-site context. Partitioned cookies are accepted by the browser + | when flagged "secure" and the Same-Site attribute is set to "none". + | + */ + + 'partitioned' => env('SESSION_PARTITIONED_COOKIE', false), ];