The config file contain secrets, so it should not be world writable.

Fix #562

ansible-lint 6.19.0 started complaining about this:

   schema[tasks]: 'become_method' must be one of the currently available
   values: ansible.builtin.runas, ansible.builtin.su,
           ansible.builtin.sudo, ansible.netcommon.enable,
           community.general.doas, community.general.dzdo,
           community.general.ksu, community.general.machinectl,
           community.general.pbrun, community.general.pfexec,
           community.general.pmrun, community.general.sesu,
           community.general.sudosu, containers.podman.podman_unshare

This allows the pads to be named nicely instead of having just a random string as URL.

For example the draft of the monthly report in july could be located at "https://md.archlinux.org/2023-07_monthly-report" instead of "https://md.archlinux.org/UF9Y235qTRe8XS3qxUVeJA".

https://docs.hedgedoc.org/references/url-scheme/#freeurl-mode



Signed-off-by: Christian Heusel <christian@heusel.eu>

From [1]: "By default, the new Quarkus distribution removes /auth from
           the context-path."

[1] https://www.keycloak.org/migration/migrating-to-quarkus

Fixes: 26f289b7 ("Capitalize the first letter of all task names")

ansible-lint 6.5.0 complains about:

  name: All names should start with an
        uppercase letter. (name[casing])

These are used to signal the start of the document in a stream of many
documents. As Ansible only supports one YAML document per file this is
unnecessary. About a third of our YAML documents already lacked these.

Kristian Klausen authored 3 years ago and Jelle van der Waa committed 3 years ago

X-Forwarded-For is defined as X-Forwarded-For: <client>, <proxy1>,
<proxy2>, and it was set to $proxy_add_x_forwarded_for which is
basically $http_x_forwarded_for,$remote_addr and headers from the client
can't be trusted!

Fix #292

In hedgedoc 1.8.0 sequelizerc is no longer required to as the
config.json file is used to read out the database settings.

Closes: #278

Signed-off-by: Leonidas Spyropoulos <artafinde@gmail.com>

I found it a bit short earlier.

It was somewhat broken before and even had a duplicate key.

Kristian Klausen authored 3 years ago and Jelle van der Waa committed 3 years ago

A extra access_log entry was added with the following commands:
$ cd roles
$ grep -lr access_log | xargs -P 1 -n 1 sed -i '/access_log/ s/\(.*\)\( \)\(\(reduced\|main\);$\)/\1 \3\n\1.json json_\3/'

The websocket support always 400'd as upgrade headers where missing for
/socket.io

yaml: truthy value should be one of [false, true] (truthy)
yaml: wrong indentation: expected 4 but found 2 (indentation)
yaml: too few spaces before comment (comments)
yaml: missing starting space in comment (comments)
yaml: too many blank lines (1 > 0) (empty-lines)
yaml: too many spaces after colon (colons)
yaml: comment not indented like content (comments-indentation)
yaml: no new line character at the end of file (new-line-at-end-of-file)
load-failure: Failed to load or parse file
parser-error: couldn't resolve module/action 'hosts'. This often indicates a misspelling, missing collection, or incorrect module path.

This adds a collaborative markdown editor as newly offered service which
is available via login for all Arch Linux Staff with an option to allow
anonymous edits by users (not default). Users are managed via keycloak
and require the Staff role to be allowed in, non staff keycloak users
currently will receive an internal server error due to an upstream
issue.