diff --git a/config/secrets.yml b/config/secrets.yml index e4fb874..6466733 100644 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -4,23 +4,127 @@ # If you change this key, all old signed cookies will become invalid! # Make sure the secret is at least 30 characters and all random, -# no regular words or you'll be exposed to dictionary attacks. +# no regular words or you will be exposed to dictionary attacks. # You can use `rails secret` to generate a secure secret key. # Make sure the secrets in this file are kept private -# if you're sharing your code publicly. +# if you are sharing your code publicly. + +decidim_default: &decidim_default + application_name: <%= Decidim::Env.new("DECIDIM_APPLICATION_NAME", "Decidim DIBA").to_json %> + mailer_sender: <%= Decidim::Env.new("DECIDIM_MAILER_SENDER", "suportparticipa311@diba.cat").to_s %> + available_locales: <%= Decidim::Env.new("DECIDIM_AVAILABLE_LOCALES", "ca,cs,de,en,es,eu,fi,fr,it,ja,nl,pl,pt,ro").to_array.to_json %> + default_locale: <%= Decidim::Env.new("DECIDIM_DEFAULT_LOCALE", "ca").to_s %> + force_ssl: <%= Decidim::Env.new("DECIDIM_FORCE_SSL", "auto").default_or_present_if_exists.to_s %> + enable_html_header_snippets: <%= Decidim::Env.new("DECIDIM_ENABLE_HTML_HEADER_SNIPPETS").to_boolean_string %> + currency_unit: <%= Decidim::Env.new("DECIDIM_CURRENCY_UNIT", "€").to_s %> + cors_enabled: <%= Decidim::Env.new("DECIDIM_CORS_ENABLED").to_boolean_string %> + image_uploader_quality: <%= Decidim::Env.new("DECIDIM_IMAGE_UPLOADER_QUALITY", "80").to_i %> + maximum_attachment_size: <%= Decidim::Env.new("DECIDIM_MAXIMUM_ATTACHMENT_SIZE", "10").to_i %> + maximum_avatar_size: <%= Decidim::Env.new("DECIDIM_MAXIMUM_AVATAR_SIZE", "5").to_i %> + max_reports_before_hiding: <%= Decidim::Env.new("DECIDIM_MAX_REPORTS_BEFORE_HIDING", "3").to_i %> + track_newsletter_links: <%= Decidim::Env.new("DECIDIM_TRACK_NEWSLETTER_LINKS", "auto").default_or_present_if_exists.to_s %> + download_your_data_expiry_time: <%= Decidim::Env.new("DECIDIM_DOWNLOAD_YOUR_DATA_EXPIRY_TIME", "7").to_i %> + throttling_max_requests: <%= Decidim::Env.new("DECIDIM_THROTTLING_MAX_REQUESTS", "100").to_i %> + throttling_period: <%= Decidim::Env.new("DECIDIM_THROTTLING_PERIOD", "1").to_i %> + unconfirmed_access_for: <%= Decidim::Env.new("DECIDIM_UNCONFIRMED_ACCESS_FOR", "0").to_i %> + system_accesslist_ips: <%= Decidim::Env.new("DECIDIM_SYSTEM_ACCESSLIST_IPS").to_array.to_json %> + base_uploads_path: <%= Decidim::Env.new("DECIDIM_BASE_UPLOADS_PATH").to_json %> + default_csv_col_sep: <%= Decidim::Env.new("DECIDIM_DEFAULT_CSV_COL_SEP", ";").to_json %> + consent_cookie_name: <%= Decidim::Env.new("DECIDIM_CONSENT_COOKIE_NAME", "decidim-consent").to_json %> + cache_key_separator: <%= Decidim::Env.new("DECIDIM_CACHE_KEY_SEPARATOR", "/").to_json %> + expire_session_after: <%= Decidim::Env.new("DECIDIM_EXPIRE_SESSION_AFTER", "30").to_i %> + session_timeout_interval: <%= Decidim::Env.new("DECIDIM_SESSION_TIMEOUT_INTERVAL", "10").to_i %> + enable_remember_me: <%= Decidim::Env.new("DECIDIM_ENABLE_REMEMBER_ME", "auto").default_or_present_if_exists.to_s %> + follow_http_x_forwarded_host: <%= Decidim::Env.new("DECIDIM_FOLLOW_HTTP_X_FORWARDED_HOST").to_boolean_string %> + maximum_conversation_message_length: <%= Decidim::Env.new("DECIDIM_MAXIMUM_CONVERSATION_MESSAGE_LENGTH", "1000").to_i %> + password_similarity_length: <%= Decidim::Env.new("DECIDIM_PASSWORD_SIMILARITY_LENGTH", 4).to_i %> + denied_passwords: <%= Decidim::Env.new("DECIDIM_DENIED_PASSWORDS").to_array(separator: ", ").to_json %> + allow_open_redirects: <%= Decidim::Env.new("DECIDIM_ALLOW_OPEN_REDIRECTS").to_boolean_string %> + social_share_services: <%= Decidim::Env.new("DECIDIM_SOCIAL_SHARE_SERVICES", "X, Facebook, WhatsApp, Telegram").to_array.to_json %> + service_worker_enabled: <%= Decidim::Env.new("DECIDIM_SERVICE_WORKER_ENABLED", Rails.env.exclude?("development")).to_boolean_string %> + page_blocks: <%= Decidim::Env.new("DECIDIM_PAGE_BLOCKS", "terms-of-service").to_array %> + admin_password: + expiration_days: <%= Decidim::Env.new("DECIDIM_ADMIN_PASSWORD_EXPIRATION_DAYS", 90).to_i %> + min_length: <%= Decidim::Env.new("DECIDIM_ADMIN_PASSWORD_MIN_LENGTH", 15).to_i %> + repetition_times: <%= Decidim::Env.new("DECIDIM_ADMIN_PASSWORD_REPETITION_TIMES", 5).to_i %> + strong: <%= Decidim::Env.new("DECIDIM_ADMIN_PASSWORD_STRONG", true).to_boolean_string %> + api: + schema_max_per_page: <%= Decidim::Env.new("API_SCHEMA_MAX_PER_PAGE", 50).to_i %> + schema_max_complexity: <%= Decidim::Env.new("API_SCHEMA_MAX_COMPLEXITY", 5000).to_i %> + schema_max_depth: <%= Decidim::Env.new("API_SCHEMA_MAX_DEPTH", 15).to_i %> + proposals: + similarity_threshold: <%= Decidim::Env.new("PROPOSALS_SIMILARITY_THRESHOLD", 0.25).to_f %> + similarity_limit: <%= Decidim::Env.new("PROPOSALS_SIMILARITY_LIMIT", 10).to_i %> + participatory_space_highlighted_proposals_limit: <%= Decidim::Env.new("PROPOSALS_PARTICIPATORY_SPACE_HIGHLIGHTED_PROPOSALS_LIMIT", 4).to_i %> + process_group_highlighted_proposals_limit: <%= Decidim::Env.new("PROPOSALS_PROCESS_GROUP_HIGHLIGHTED_PROPOSALS_LIMIT", 3).to_i %> + meetings: + upcoming_meeting_notification: <%= Decidim::Env.new("MEETINGS_UPCOMING_MEETING_NOTIFICATION", 2).to_i %> + enable_proposal_linking: <%= Decidim::Env.new("MEETINGS_ENABLE_PROPOSAL_LINKING", "auto").default_or_present_if_exists.to_s %> + embeddable_services: <%= Decidim::Env.new("MEETINGS_EMBEDDABLE_SERVICES").to_array(separator: " ").to_json %> + budgets: + enable_proposal_linking: <%= Decidim::Env.new("BUDGETS_ENABLE_PROPOSAL_LINKING", "auto").default_or_present_if_exists.to_s %> + accountability: + enable_proposal_linking: <%= Decidim::Env.new("ACCOUNTABILITY_ENABLE_PROPOSAL_LINKING", "auto").default_or_present_if_exists.to_s %> + initiatives: + creation_enabled: <%= Decidim::Env.new("INITIATIVES_CREATION_ENABLED", "auto").default_or_present_if_exists.to_s %> + similarity_threshold: <%= Decidim::Env.new("INITIATIVES_SIMILARITY_THRESHOLD", 0.25).to_f %> + similarity_limit: <%= Decidim::Env.new("INITIATIVES_SIMILARITY_LIMIT", 5).to_i %> + minimum_committee_members: <%= Decidim::Env.new("INITIATIVES_MINIMUM_COMMITTEE_MEMBERS", 2).to_i %> + default_signature_time_period_length: <%= Decidim::Env.new("INITIATIVES_DEFAULT_SIGNATURE_TIME_PERIOD_LENGTH", 120).to_i %> + default_components: <%= Decidim::Env.new("INITIATIVES_DEFAULT_COMPONENTS", "pages, meetings").to_array.to_json %> + first_notification_percentage: <%= Decidim::Env.new("INITIATIVES_FIRST_NOTIFICATION_PERCENTAGE", 33).to_i %> + second_notification_percentage: <%= Decidim::Env.new("INITIATIVES_SECOND_NOTIFICATION_PERCENTAGE", 66).to_i %> + stats_cache_expiration_time: <%= Decidim::Env.new("INITIATIVES_STATS_CACHE_EXPIRATION_TIME", 5).to_i %> + max_time_in_validating_state: <%= Decidim::Env.new("INITIATIVES_MAX_TIME_IN_VALIDATING_STATE", 60).to_i %> + print_enabled: <%= Decidim::Env.new("INITIATIVES_PRINT_ENABLED", "auto").default_or_present_if_exists.to_s %> + do_not_require_authorization: <%= Decidim::Env.new("INITIATIVES_DO_NOT_REQUIRE_AUTHORIZATION").to_boolean_string %> + verifications: + document_types: <%= Decidim::Env.new("VERIFICATIONS_DOCUMENT_TYPES", "identification_number,passport").to_array %> + +storage_default: &storage_default + provider: <%= Decidim::Env.new("STORAGE_PROVIDER", "local").to_s %> + cdn_host: <%= ENV["STORAGE_CDN_HOST"] %> + s3: + access_key_id: <%= ENV["AWS_ACCESS_KEY_ID"] %> + secret_access_key: <%= ENV["AWS_SECRET_ACCESS_KEY"] %> + region: <%= ENV["AWS_REGION"] %> + bucket: <%= ENV["AWS_BUCKET"] %> + endpoint: <%= ENV["AWS_ENDPOINT"] %> + azure: + storage_access_key: <%= ENV["AZURE_STORAGE_ACCESS_KEY"] %> + storage_account_name: <%= ENV["AZURE_STORAGE_ACCOUNT_NAME"] %> + container: <%= ENV["AZURE_CONTAINER"] %> + gcs: + project: <%= ENV["GCS_PROJECT"] %> + bucket: <%= ENV["GCS_BUCKET"] %> + type: <%= Decidim::Env.new("GCS_TYPE", "service_account").to_s %> + project_id: <%= Decidim::Env.new("GCS_PROJECT_ID").to_s %> + private_key_id: <%= Decidim::Env.new("GCS_PRIVATE_KEY_ID").to_s %> + private_key: <%= Decidim::Env.new("GCS_PRIVATE_KEY").to_s %> + client_email: <%= Decidim::Env.new("GCS_CLIENT_EMAIL").to_s %> + client_id: <%= Decidim::Env.new("GCS_CLIENT_ID").to_s %> + auth_uri: <%= Decidim::Env.new("GCS_AUTH_URI", "https://accounts.google.com/o/oauth2/auth").to_s %> + token_uri: <%= Decidim::Env.new("GCS_TOKEN_URI", "https://accounts.google.com/o/oauth2/token").to_s %> + auth_provider_x509_cert_url: <%= Decidim::Env.new("GCS_AUTH_PROVIDER_X509_CERT_URL", "https://www.googleapis.com/oauth2/v1/certs").to_s %> + client_x509_cert_url: <%= Decidim::Env.new("GCS_CLIENT_X509_CERT_URL").to_s %> + default: &default + decidim: + <<: *decidim_default omniauth: facebook: # It must be a boolean. Remember ENV variables doesn't support booleans. enabled: false app_id: <%= ENV["OMNIAUTH_FACEBOOK_APP_ID"] %> app_secret: <%= ENV["OMNIAUTH_FACEBOOK_APP_SECRET"] %> + icon: facebook-fill twitter: enabled: false api_key: <%= ENV["OMNIAUTH_TWITTER_API_KEY"] %> api_secret: <%= ENV["OMNIAUTH_TWITTER_API_SECRET"] %> + icon: twitter-x-fill google_oauth2: enabled: false client_id: <%= ENV["OMNIAUTH_GOOGLE_CLIENT_ID"] %> @@ -33,7 +137,22 @@ default: &default password: <%= ENV["HTTP_BASIC_AUTH_PASSWORD"] %> censed_api_endpoint: <%= ENV["CENSED_API_ENDPOINT"] %> google_analytics_code: <%= ENV["GOOGLE_ANALYTICS_CODE"] %> - + maps: + dynamic_provider: <%= Decidim::Env.new("MAPS_DYNAMIC_PROVIDER", ENV["MAPS_PROVIDER"]).to_s %> + static_provider: <%= Decidim::Env.new("MAPS_STATIC_PROVIDER", ENV["MAPS_PROVIDER"]).to_s %> + static_api_key: <%= Decidim::Env.new("MAPS_STATIC_API_KEY", ENV["MAPS_API_KEY"]).to_s %> + dynamic_api_key: <%= Decidim::Env.new("MAPS_DYNAMIC_API_KEY", ENV["MAPS_API_KEY"]).to_s %> + dynamic_url: <%= ENV["MAPS_DYNAMIC_URL"] %> + static_url: <%= ENV["MAPS_STATIC_URL"] %> + attribution: <%= ENV["MAPS_ATTRIBUTION"].to_json %> + extra_vars: <%= ENV["MAPS_EXTRA_VARS"].to_json %> + geocoding_host: <%= ENV["MAPS_GEOCODING_HOST"] %> + storage: + <<: *storage_default + vapid: + enabled: <%= Decidim::Env.new("VAPID_PUBLIC_KEY").to_boolean_string %> + public_key: <%= ENV["VAPID_PUBLIC_KEY"] %> + private_key: <%= ENV["VAPID_PRIVATE_KEY"] %> development: <<: *default