Merge pull request #4 from coostax/minor_fixes_for_prod

Minor fixes for prod

wallabag/DOCS.md

@@ -11,7 +11,7 @@ Further information can be found at [Wallabag].
 To install this add-on do the following steps:
 
 1. On supervisor -> add-on go to the options and select Repositories.
-1. Add the URL for this repo (<https://github.com/coostax/addon-wallabag.git>)
+1. Add the URL for my addons repo (<https://github.com/coostax/ha-addons.git>)
    to the add text box and click on ADD.
 1. Search for the "Wallabag" add-on in the add-on store and install it.
 1. Start the "Wallabag" add-on.
@@ -29,10 +29,20 @@ ssl: false
 certfile: fullchain.pem
 keyfile: privkey.pem
 twofactor_auth: true
+anyone_can_register: false
 ```
 
 **Note**: _This is just an example, don't copy and paste it! Create your own!_
 
+Upon starting the add-on creates a default user with the following credentials:
+
+```yaml
+username: wallabag
+password: wallabag
+```
+
+It is advised that as soon as you start the add-on you should change this user password.
+
 ### Option: `log_level`
 
 The `log_level` option controls the level of log output by the addon and can
@@ -56,6 +66,9 @@ you are troubleshooting.
 Enables/Disables SSL (HTTPS) on the web interface of Wallabag
 Panel. Set it `true` to enable it, `false` otherwise.
 
+**Note**: If set to true you need to configure the `app_url` option
+to point to the https address so that the page loads correctly
+
 ### Option: `certfile`
 
 The certificate file to use for SSL.
@@ -93,27 +106,57 @@ server is listening on.
 ### Option: `token_secret`
 
 A secret key that's used to generate certain security-related tokens.
-You should set this to prevent using the default
+This is a string that should be unique to your application and it's
+commonly used to add more entropy to security related operations.
 
 ### Option: `app_url`
 
-Set APP_URL to the URL Wallabag will be on. For example `https://wallabag.example.com`.
+Full URL of your wallabag instance (without the trailing slash).
+For example `https://wallabag.example.com`.
+If you enabled ssl you are going to need to set up this option with the https address
+for the page to load correctly.
 
 ### Option: `app_name`
 
 The name that will appear on the main HTML page. For example `Your wallabag instance`
 
 ### Option: `locale`
 
-The locale to set for Wallabag. Rigth now only tested with `en`
+Default language of your wallabag instance (like en, fr, es, etc.).
+Rigth now only has been tested with `en`
 
 ### Option: `twofactor_auth`
 
 Enable or disable two factor authentication. For more information check [Wallabag-user-docs]
 
 ### Option: `twofactor_sender`
 
-Sender email address for two factor authentication. For more information check [Wallabag-user-docs]
+Sender email address to receive the two factor code.
+For more information check [Wallabag-user-docs]
+
+### Option: `anyone_can_register`
+
+Set to _true_ to enable public registration. Default is false
+
+**Note**: _Setting this to true will allow anyone with access
+to your site to register an account_
+
+### Option: `fosuser_confirmation`
+
+Set to _true_ to send a confirmation by email for each registration.
+Default is _false_
+
+## Registering and managing users
+
+When the option `anyone_can_register` is set to _false_ the front page will not
+display a `Register` button. The only way to create new users is loggin in with
+an admin user and adding a new one under My Account -> users.
+The default wallabag user has admin priviledges.
+
+When the option `anyone_can_register` is set to _true_ the front page will
+display a `Register` button. You can use this button to register new users.
+You can have some control on the registrations by setting `fosuser_confirmation`
+to _true_ and receive confimation requests by email each time a new user registers.
 
 ## Database usage
 
@@ -124,7 +167,12 @@ that there is no easy upgrade path between the two options.
 
 ## Known issues and limitations
 
-TBD
+When SSL is turned on it setting requires setting `app_url` with the https address
+so that the page loads correctly. Failing to do this will make the site unable to
+load css and javascripts correctly.
+
+The same is true when setting a reverse proxy. `app_url` must be set with
+the https address of the reverse proxy.
 
 ## Changelog & Releases
 

wallabag/config.yaml

@@ -24,6 +24,7 @@ options:
   certfile: fullchain.pem
   keyfile: privkey.pem
   twofactor_auth: true
+  anyone_can_register: false
 schema:
   remote_mysql_host: str?
   remote_mysql_database: str?
@@ -40,5 +41,6 @@ schema:
   locale: list(en|pt-PT)?
   twofactor_auth: bool
   twofactor_sender: str?
+  anyone_can_register: bool
+  fosuser_confirmation: bool
 init: false
-image: "ghcr.io/coostax/ha-addons/wallabag/{arch}"

wallabag/rootfs/etc/cont-init.d/wallabag.sh

@@ -20,6 +20,8 @@ export APP_LOCALE=en
 export TWOFACTOR_AUTH=false
 export TWOFACTOR_SENDER='[email protected]'
 export FROM_EMAIL='[email protected]'
+export ANYONE_CAN_REGISTER=false
+export FOS_USER_CONFIRMATION=false
 
 #Create assets folder
 if ! bashio::fs.directory_exists "/data/wallabag/assets"; then
@@ -138,6 +140,15 @@ if bashio::config.has_value 'twofactor_sender';then
     TWOFACTOR_SENDER=$(bashio::config "twofactor_sender")
 fi
 
+# User registration options
+if bashio::config.has_value 'anyone_can_register';then
+    ANYONE_CAN_REGISTER=$(bashio::config "anyone_can_register")
+fi
+
+if bashio::config.has_value 'fosuser_confirmation';then
+    FOS_USER_CONFIRMATION=$(bashio::config "fosuser_confirmation")
+fi
+
 bashio::log.info "Setting up parameters.yml"
 # Set parameters.yml
 if bashio::fs.file_exists "/opt/wallabag/config/parameters.yml"; then

wallabag/rootfs/opt/wallabag/config/parameters.yml

@@ -31,9 +31,9 @@ parameters:
   twofactor_auth: $TWOFACTOR_AUTH
   twofactor_sender: ${TWOFACTOR_SENDER}
 
-  # fosuser stuff
-  fosuser_registration: true
-  fosuser_confirmation: true
+  # fosuser stuff TODO: set this to default false and get as param
+  fosuser_registration: $ANYONE_CAN_REGISTER
+  fosuser_confirmation: $FOS_USER_CONFIRMATION
 
   fos_oauth_server_access_token_lifetime: 3600
   fos_oauth_server_refresh_token_lifetime: 1209600