When enabled, the /lool/getMetrics endpoint will not require authentication.
By default authentication is required and this setting is set to "false".
Signed-off-by: Andras Timar <andras.timar@collabora.com>
Change-Id: I801130cf552eb14c231fcc0a0bdd39d9ebb6db7f
This allows people to perturb the etags for now, and in future the
URL sub-path to make it easier to develop with binaries where the
git hash doens't change.
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Change-Id: I6082a71cde5d3a34cca29fa5858feaf6fdb7f4d6
This remove reuse_cookies as a setting and feature
altogether. It was originally a workaround to aid
with authentication, prior to having access_token.
However, it proved to be less useful than originally
anticipated, primarily because cookies nowadays have
security restrictions in browsers. In addition to
the fact that access_token simply deprecated it.
While the documentation has also been updated,
tests still have reuse_cookies in input data.
This is intentional to ensure the code is
backwards compatible with any deployment that might
still pass URLs with reuse_cookies around.
Change-Id: If214b299b34a910face8cabc7c1335621990c85e
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
number of versions to maintain per file can be specified in loolwsd.xml
on exceeding specified quarantine size oldest file(s) is deleted
Signed-off-by: Pranam Lashkari <lpranam@collabora.com>
Change-Id: I3ca55b9ab29a82988f19fe0acd43e0fae2c2a423
Many of the settings in loolwsd.xml that you might want to tweak this
or that way during development are set on the loolwsd command-line for
a "make run". Don't waste time on trying to set them in loolwsd.xml
and wondering why it has no effect. I just did that. Hopefully these
comments will avoid such in the future.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I896e9cb2830bf36c165842bff53f0e4e471599ae
Signed-off-by: Jerzy Drozdz <jerzy.drozdz@gmail.com>
Change-Id: If4ccaf7bf0b668979064357ab606b473bd497f11
Signed-off-by: Jerzy Drozdz <jerzy.drozdz@gmail.com>
(Also in variable names.)
Better to just use terms that say what we mean, i.e. most verbose and
least verbose.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I80d74fda8b80bd34d194c3df97d246a41368189b
Add a way to set it from the client.
For now, in the Help > About dialog, the L key toggges the logging
level between the default (whatever is set in loolwsd.xml or on the
loolwsd command line) and the maximum a client is allowed to set
(which also can be set in loolwsd.xml or on the loolwsd command line).
Also while at it, uncouple the toggling of the Trace Event generation
from the triple-click tha toggles tile debugging. It is now on the T
key.
Also swap the meaning of "min" and "max" for the logging levels. Even
if the Poco::Message::Priority values are such that the less urgent
priorities have a numerbcally higher value, conceptually it is more
clear to say the more urgent priorities (levels) are "higher".
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I5383b16ead7d2d378901525eb0d16513d88f045e
We don't want a client to be able to turn logging off completely
either.
Note, just to avoid potential confusion: This is about the LOG_INF(),
LOG_WRN(), LOG_TRC() etc logging here in Online. Not related to my
recent work on Trace Event format logging.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I3de527cb9f69d9a5269b1db2e1d4602e7117f22e
(Not used yet.)
The intent is that the JS code will be able send the server a message
that adjusts the logging level for the WSD thread(s) and Kit processes
handling that client.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I88ac301f002b1f3a55a5d8c9e3650babdedc1e0d
That is our convention, and this also avoids a global variable in the
kit process.
Change-Id: I37d2d53aa7eb24f9848fa8ef98bc57d75db90d13
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Now it is possible:
- to disable Help buttons and jumping to external website of Online Help (--without-help-url)
- set the icon theme of tunneled dialogs and sidebar (--with-core-icon-theme=<theme>)
- set the list of allowed dictionaries (--with-dictionaries=<language list>)
This patch obsoletes the packaging hacks that we had to use for certain customers.
Signed-off-by: Andras Timar <andras.timar@collabora.com>
Change-Id: I450f66ac133f6fcefae2bda9f29e04405ef3a6b7
It is (for now) produced (by the ProfileZone things in core) whenever
logging level is "trace". The Event Trace file pathname can be given
in the loolesd.xml file or on the loolwsd command line.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I6d5829121e71460a4600ee94d2ebf51043c8893f
Rendering PDF documents to images can consume
large amount of memory. Here we limit the
maximum allowed resolution to 384. This is
about 400% zoom resolution, given that the
100% resolution is 96 dpi.
If this proves limiting, it can be increased
to 480 dpi, which is about 500% zoom scale.
Change-Id: I719118d517bbaf8b204411223f1e26a31b97ca99
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
The defined envar is used by Core to override its
default resolution (of 96 dpi), when specified.
Change-Id: Ie7164e78f98990ac88b02dbfe2becbae8c134e9c
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
"Specifies whether the macro execution is enabled in
general. This will disable Basic, Beanshell, Javascript
and Python scripts. If it is set to false, the
macro_security_level is ignored. If it is set to true,
the mentioned entry specified the level of macro security".
Change-Id: I4bc5b690268a93994d17e2b02b7b60b6398646b7
Signed-off-by: Henry Castro <hcastro@collabora.com>
This reverts commit f6bf6f49ed. I did not
consider that this makes it harder to do a local developer setup with
reverse proxy + make run; also that if you don't read the doc to set up
a reverse proxy, then the default now serves http content and advertises
https, which is not helping sysadmins.
This needs more thinking how to improve one scenario without hurting
others.
Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: Ic789faa2dc5bb19a79d651dc81d4eaaf0b48607a
The intention is to have defaults which are close to how people
typically use Online in production.
However, keep using ssl for 'make run', so that the https environment in
the browser is unchanged.
Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: I7fd725a83b0e9ca1012f2c0e0c3bf038e5fa0059
The default Poco connection timeout is 60 seconds,
which is probably excessive. The current configurable
default is a more reasonable 30 seconds.
Currently we set this timeout on Storage connections
going out (i.e. WOPI connections).
Change-Id: Ie80a9141ca9bf721addc74baf94e62e0ad72fdd2
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/98913
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Ashod Nakashian <ash@collabora.com>
loolmount now works and supports mounting and
unmounting, plus numerous improvements,
refactoring, logging, etc.. When enabled,
binding improves the jail setup time by anywhere
from 2x to orders of magnitude (in docker, f.e.).
A new config entry mount_jail_tree controls
whether mounting is used or the old method of
linking/copying of jail contents. It is set to
true by default and falls back to linking/copying.
A test mount is done when the setting is enabled,
and if mounting fails, it's disabled to avoid noise.
Temporarily disabled for unit-tests until we can
cleanup lingering mounts after Jenkins aborts our
build job. In a future patch we will have mount/jail
cleanup as part of make.
The network/system files in /etc that need frequent
refreshing are now updated in systemplate to make
their most recent version available in the jails.
These files can change during the course of loolwsd
lifetime, and are unlikely to be updated in
systemplate after installation at all. We link to
them in the systemplate/etc directory, and if that
fails, we copy them before forking each kit
instance to have the latest.
This reworks the approach used to bind-mount the
jails and the templates such that the total is
now down to only three mounts: systemplate, lo, tmp.
As now systemplate and lotemplate are shared, they
must be mounted as readonly, this means that user/
must now be moved into tmp/user/ which is writable.
The mount-points must be recursive, because we mount
lo/ within the mount-point of systemplate (which is
the root of the jail). But because we (re)bind
recursively, and because both systemplate and
lotemplate are mounted for each jails, we need to
make them unbindable, so they wouldn't multiply the
mount-points for each jails (an explosive growth!)
Contrarywise, we don't want the mount-points to
be shared, because we don't expect to add/remove
mounts after a jail is created.
The random temp directory is now created and set
correctly, plus many logging and other improvements.
Change-Id: Iae3fda5e876cf47d2cae6669a87b5b826a8748df
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92829
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Environment variable in sysconfig.loolwsd was not good, because:
1) it was a systemd antipattern
2) this systemd environment file was not present on all distros
3) we had to take care about this separately, when we did not start
loolwsd from systemd
Change-Id: I5c47668ca388c2f4b0afd6da8c575a3fb3cfab3b
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/96291
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
This is the new default - do as we're told by the client.
The old setting is left to allow users to force SSL if they are
concerned that they may receive unhelpful URLs.
Change-Id: Idea83aacea6826a8f37264e34d49c7550efe6d27
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/93179
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
This reverts commit df4a241d0f.
Reason for revert: As we agreed, we have to improve the default,
but this patch actually just doubles something that is working
out of the box.
Change-Id: Idc22dabc3621d537f1bba3bc3b13a7d943c80c36
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92299
Tested-by: Jan Holesovsky <kendy@collabora.com>
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
