From d058a1db2a8b0d89fff25087a2e37d79d0d4e483 Mon Sep 17 00:00:00 2001 From: Jonny Barnes Date: Wed, 16 Nov 2022 20:28:56 +0000 Subject: [PATCH] Update config --- .env.example | 64 +++++++++++++++++++++++------------- config/app.php | 72 ++++++++++++++--------------------------- config/auth.php | 10 ++---- config/broadcasting.php | 17 ++++++++-- config/cache.php | 20 ++++++++---- config/cors.php | 34 +++++++++++++++++++ config/database.php | 8 +++-- config/filesystems.php | 28 ++++------------ config/hashing.php | 6 ++-- config/logging.php | 20 +++++++++++- config/mail.php | 14 ++++++-- config/queue.php | 6 +++- config/sanctum.php | 67 ++++++++++++++++++++++++++++++++++++++ config/services.php | 1 + config/session.php | 8 ++--- 15 files changed, 252 insertions(+), 123 deletions(-) create mode 100644 config/cors.php create mode 100644 config/sanctum.php diff --git a/.env.example b/.env.example index d1a26e82..bd33f165 100644 --- a/.env.example +++ b/.env.example @@ -1,49 +1,67 @@ APP_NAME=Laravel -APP_ENV=production -APP_KEY=SomeRandomString # Leave this -APP_DEBUG=false -APP_LOG_LEVEL=warning +APP_ENV=local +APP_KEY= +APP_DEBUG=true +APP_URL=https://example.com +APP_LONGURL=example.com +APP_SHORTURL=examp.le -DB_CONNECTION=pgsql +LOG_CHANNEL=stack +LOG_DEPRECATIONS_CHANNEL=null +LOG_LEVEL=debug + +DB_CONNECTION=mysql DB_HOST=127.0.0.1 -DB_PORT=5432 -DB_DATABASE= -DB_USERNAME= +DB_PORT=3306 +DB_DATABASE=laravel +DB_USERNAME=root DB_PASSWORD= BROADCAST_DRIVER=log CACHE_DRIVER=file +FILESYSTEM_DISK=local +QUEUE_CONNECTION=sync SESSION_DRIVER=file -QUEUE_DRIVER=sync +SESSION_LIFETIME=120 + +MEMCACHED_HOST=127.0.0.1 REDIS_HOST=127.0.0.1 REDIS_PASSWORD=null REDIS_PORT=6379 -MAIL_DRIVER=smtp -MAIL_HOST=smtp.mailtrap.io -MAIL_PORT=2525 +MAIL_MAILER=smtp +MAIL_HOST=mailhog +MAIL_PORT=1025 MAIL_USERNAME=null MAIL_PASSWORD=null MAIL_ENCRYPTION=null +MAIL_FROM_ADDRESS="hello@example.com" +MAIL_FROM_NAME="${APP_NAME}" + +AWS_ACCESS_KEY_ID= +AWS_SECRET_ACCESS_KEY= +AWS_DEFAULT_REGION=us-east-1 +AWS_BUCKET= +AWS_USE_PATH_STYLE_ENDPOINT=false PUSHER_APP_ID= PUSHER_APP_KEY= PUSHER_APP_SECRET= +PUSHER_HOST= +PUSHER_PORT=443 +PUSHER_SCHEME=https +PUSHER_APP_CLUSTER=mt1 -AWS_S3_KEY=your-key -AWS_S3_SECRET=your-secret -AWS_S3_REGION=region -AWS_S3_BUCKET=your-bucket -AWS_S3_URL=https://xxxxxxx.s3-region.amazonaws.com +VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}" +VITE_PUSHER_HOST="${PUSHER_HOST}" +VITE_PUSHER_PORT="${PUSHER_PORT}" +VITE_PUSHER_SCHEME="${PUSHER_SCHEME}" +VITE_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}" -APP_URL=https://example.com # This one is necessary -APP_LONGURL=example.com -APP_SHORTURL=examp.le - -ADMIN_USER=admin # pick something better, this is used for `/admin` +ADMIN_USER=admin# pick something better, this is used for `/admin` ADMIN_PASS=password -DISPLAY_NAME='Joe Bloggs' # This is used for example in the header and titles +DISPLAY_NAME='Joe Bloggs'# This is used for example in the header and titles TWITTER_CONSUMER_KEY= TWITTER_CONSUMER_SECRET= diff --git a/config/app.php b/config/app.php index 2b9aaf01..26a66d9a 100644 --- a/config/app.php +++ b/config/app.php @@ -1,5 +1,7 @@ env('APP_URL', 'http://localhost'), - 'asset_url' => env('ASSET_URL', null), + 'asset_url' => env('ASSET_URL'), /* |-------------------------------------------------------------------------- @@ -169,15 +171,30 @@ return [ /* |-------------------------------------------------------------------------- - | Font Link + | Maintenance Mode Driver |-------------------------------------------------------------------------- | - | If you have a css link to Adobe’s Typekit or Hoefler&Co’s Typography - | then specify the link here. + | These configuration options determine the driver used to determine and + | manage Laravel's "maintenance mode" status. The "cache" driver will + | allow maintenance mode to be controlled across multiple machines. + | + | Supported drivers: "file", "cache" | */ - 'font_link' => env('FONT_LINK', null), + 'maintenance' => [ + 'driver' => 'file', + // 'store' => 'redis', + ], + + /* + |-------------------------------------------------------------------------- + | Font Link + |-------------------------------------------------------------------------- + | Which URL should the app load custom fonts from + */ + + 'font_link' => env('FONT_LINK'), /* |-------------------------------------------------------------------------- @@ -245,47 +262,8 @@ return [ | */ - 'aliases' => [ - - 'App' => Illuminate\Support\Facades\App::class, - 'Arr' => Illuminate\Support\Arr::class, - 'Artisan' => Illuminate\Support\Facades\Artisan::class, - 'Auth' => Illuminate\Support\Facades\Auth::class, - 'Blade' => Illuminate\Support\Facades\Blade::class, - 'Broadcast' => Illuminate\Support\Facades\Broadcast::class, - 'Bus' => Illuminate\Support\Facades\Bus::class, - 'Cache' => Illuminate\Support\Facades\Cache::class, - 'Config' => Illuminate\Support\Facades\Config::class, - 'Cookie' => Illuminate\Support\Facades\Cookie::class, - 'Crypt' => Illuminate\Support\Facades\Crypt::class, - 'DB' => Illuminate\Support\Facades\DB::class, - 'Eloquent' => Illuminate\Database\Eloquent\Model::class, - 'Event' => Illuminate\Support\Facades\Event::class, - 'File' => Illuminate\Support\Facades\File::class, - 'Gate' => Illuminate\Support\Facades\Gate::class, - 'Hash' => Illuminate\Support\Facades\Hash::class, - 'Http' => Illuminate\Support\Facades\Http::class, - 'Lang' => Illuminate\Support\Facades\Lang::class, - 'Log' => Illuminate\Support\Facades\Log::class, - 'Mail' => Illuminate\Support\Facades\Mail::class, - 'Notification' => Illuminate\Support\Facades\Notification::class, - 'Password' => Illuminate\Support\Facades\Password::class, - 'Queue' => Illuminate\Support\Facades\Queue::class, - 'Redirect' => Illuminate\Support\Facades\Redirect::class, - 'Redis' => Illuminate\Support\Facades\Redis::class, - 'Request' => Illuminate\Support\Facades\Request::class, - 'Response' => Illuminate\Support\Facades\Response::class, - 'Route' => Illuminate\Support\Facades\Route::class, - 'Schema' => Illuminate\Support\Facades\Schema::class, - 'Session' => Illuminate\Support\Facades\Session::class, - 'Storage' => Illuminate\Support\Facades\Storage::class, - 'Str' => Illuminate\Support\Str::class, - 'URL' => Illuminate\Support\Facades\URL::class, - 'Validator' => Illuminate\Support\Facades\Validator::class, - 'View' => Illuminate\Support\Facades\View::class, - - ], - - 'piwik' => env('PIWIK', false), + 'aliases' => Facade::defaultAliases()->merge([ + // 'ExampleClass' => App\Example\ExampleClass::class, + ])->toArray(), ]; diff --git a/config/auth.php b/config/auth.php index ba1a4d8c..d8c6cee7 100644 --- a/config/auth.php +++ b/config/auth.php @@ -31,7 +31,7 @@ return [ | users are actually retrieved out of your database or other storage | mechanisms used by this application to persist your user's data. | - | Supported: "session", "token" + | Supported: "session" | */ @@ -40,12 +40,6 @@ return [ 'driver' => 'session', 'provider' => 'users', ], - - 'api' => [ - 'driver' => 'token', - 'provider' => 'users', - 'hash' => false, - ], ], /* @@ -86,7 +80,7 @@ return [ | than one user table or model in the application and you want to have | separate password reset settings based on the specific user types. | - | The expire time is the number of minutes that the reset token should be + | The expire time is the number of minutes that each reset token will be | considered valid. This security feature keeps tokens short-lived so | they have less time to be guessed. You may change this as needed. | diff --git a/config/broadcasting.php b/config/broadcasting.php index 3bba1103..9e4d4aa4 100644 --- a/config/broadcasting.php +++ b/config/broadcasting.php @@ -11,7 +11,7 @@ return [ | framework when an event needs to be broadcast. You may set this to | any of the connections defined in the "connections" array below. | - | Supported: "pusher", "redis", "log", "null" + | Supported: "pusher", "ably", "redis", "log", "null" | */ @@ -36,9 +36,20 @@ return [ 'secret' => env('PUSHER_APP_SECRET'), 'app_id' => env('PUSHER_APP_ID'), 'options' => [ - 'cluster' => env('PUSHER_APP_CLUSTER'), - 'useTLS' => true, + 'host' => env('PUSHER_HOST') ?: 'api-'.env('PUSHER_APP_CLUSTER', 'mt1').'.pusher.com', + 'port' => env('PUSHER_PORT', 443), + 'scheme' => env('PUSHER_SCHEME', 'https'), + 'encrypted' => true, + 'useTLS' => env('PUSHER_SCHEME', 'https') === 'https', ], + 'client_options' => [ + // Guzzle client options: https://docs.guzzlephp.org/en/stable/request-options.html + ], + ], + + 'ably' => [ + 'driver' => 'ably', + 'key' => env('ABLY_KEY'), ], 'redis' => [ diff --git a/config/cache.php b/config/cache.php index 4f41fdf9..33bb2954 100644 --- a/config/cache.php +++ b/config/cache.php @@ -13,9 +13,6 @@ return [ | using this caching library. This connection is used when another is | not explicitly specified when executing a given caching function. | - | Supported: "apc", "array", "database", "file", - | "memcached", "redis", "dynamodb" - | */ 'default' => env('CACHE_DRIVER', 'file'), @@ -29,6 +26,9 @@ return [ | well as their drivers. You may even define multiple stores for the | same cache driver to group types of items stored in your caches. | + | Supported drivers: "apc", "array", "database", "file", + | "memcached", "redis", "dynamodb", "octane", "null" + | */ 'stores' => [ @@ -46,6 +46,7 @@ return [ 'driver' => 'database', 'table' => 'cache', 'connection' => null, + 'lock_connection' => null, ], 'file' => [ @@ -75,6 +76,7 @@ return [ 'redis' => [ 'driver' => 'redis', 'connection' => 'cache', + 'lock_connection' => 'default', ], 'dynamodb' => [ @@ -86,6 +88,10 @@ return [ 'endpoint' => env('DYNAMODB_ENDPOINT'), ], + 'octane' => [ + 'driver' => 'octane', + ], + ], /* @@ -93,12 +99,12 @@ return [ | Cache Key Prefix |-------------------------------------------------------------------------- | - | When utilizing a RAM based store such as APC or Memcached, there might - | be other applications utilizing the same cache. So, we'll specify a - | value to get prefixed to all our keys so we can avoid collisions. + | When utilizing the APC, database, memcached, Redis, or DynamoDB cache + | stores there might be other applications using the same cache. For + | that reason, you may prefix every cache key to avoid collisions. | */ - 'prefix' => env('CACHE_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_cache'), + 'prefix' => env('CACHE_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_cache_'), ]; diff --git a/config/cors.php b/config/cors.php new file mode 100644 index 00000000..8a39e6da --- /dev/null +++ b/config/cors.php @@ -0,0 +1,34 @@ + ['api/*', 'sanctum/csrf-cookie'], + + 'allowed_methods' => ['*'], + + 'allowed_origins' => ['*'], + + 'allowed_origins_patterns' => [], + + 'allowed_headers' => ['*'], + + 'exposed_headers' => [], + + 'max_age' => 0, + + 'supports_credentials' => false, + +]; diff --git a/config/database.php b/config/database.php index dc722b5f..137ad18c 100644 --- a/config/database.php +++ b/config/database.php @@ -89,6 +89,8 @@ return [ 'charset' => 'utf8', 'prefix' => '', 'prefix_indexes' => true, + // 'encrypt' => env('DB_ENCRYPT', 'yes'), + // 'trust_server_certificate' => env('DB_TRUST_SERVER_CERTIFICATE', 'false'), ], ], @@ -129,7 +131,8 @@ return [ 'default' => [ 'url' => env('REDIS_URL'), 'host' => env('REDIS_HOST', '127.0.0.1'), - 'password' => env('REDIS_PASSWORD', null), + 'username' => env('REDIS_USERNAME'), + 'password' => env('REDIS_PASSWORD'), 'port' => env('REDIS_PORT', '6379'), 'database' => env('REDIS_DB', '0'), ], @@ -137,7 +140,8 @@ return [ 'cache' => [ 'url' => env('REDIS_URL'), 'host' => env('REDIS_HOST', '127.0.0.1'), - 'password' => env('REDIS_PASSWORD', null), + 'username' => env('REDIS_USERNAME'), + 'password' => env('REDIS_PASSWORD'), 'port' => env('REDIS_PORT', '6379'), 'database' => env('REDIS_CACHE_DB', '1'), ], diff --git a/config/filesystems.php b/config/filesystems.php index 18042a4c..e9d9dbdb 100644 --- a/config/filesystems.php +++ b/config/filesystems.php @@ -13,20 +13,7 @@ return [ | */ - 'default' => env('FILESYSTEM_DRIVER', 'local'), - - /* - |-------------------------------------------------------------------------- - | Default Cloud Filesystem Disk - |-------------------------------------------------------------------------- - | - | Many applications store files both locally and in the cloud. For this - | reason, you may specify a default "cloud" driver here. This driver - | will be bound as the Cloud disk implementation in the container. - | - */ - - 'cloud' => env('FILESYSTEM_CLOUD', 's3'), + 'default' => env('FILESYSTEM_DISK', 'local'), /* |-------------------------------------------------------------------------- @@ -35,7 +22,7 @@ return [ | | Here you may configure as many filesystem "disks" as you wish, and you | may even configure multiple disks of the same driver. Defaults have - | been setup for each driver as an example of the required options. + | been set up for each driver as an example of the required values. | | Supported Drivers: "local", "ftp", "sftp", "s3" | @@ -46,13 +33,15 @@ return [ 'local' => [ 'driver' => 'local', 'root' => storage_path('app'), + 'throw' => false, ], 'public' => [ 'driver' => 'local', 'root' => storage_path('app/public'), - 'url' => env('APP_URL') . '/storage', + 'url' => env('APP_URL').'/storage', 'visibility' => 'public', + 'throw' => false, ], 's3' => [ @@ -63,11 +52,8 @@ return [ 'bucket' => env('AWS_BUCKET'), 'url' => env('AWS_URL'), 'endpoint' => env('AWS_ENDPOINT'), - ], - - 'media' => [ - 'driver' => 'local', - 'root' => public_path() . '/media', + 'use_path_style_endpoint' => env('AWS_USE_PATH_STYLE_ENDPOINT', false), + 'throw' => false, ], ], diff --git a/config/hashing.php b/config/hashing.php index 84257708..bcd3be4c 100644 --- a/config/hashing.php +++ b/config/hashing.php @@ -44,9 +44,9 @@ return [ */ 'argon' => [ - 'memory' => 1024, - 'threads' => 2, - 'time' => 2, + 'memory' => 65536, + 'threads' => 1, + 'time' => 4, ], ]; diff --git a/config/logging.php b/config/logging.php index e16e0bd7..4e91da28 100644 --- a/config/logging.php +++ b/config/logging.php @@ -19,6 +19,22 @@ return [ 'default' => env('LOG_CHANNEL', 'stack'), + /* + |-------------------------------------------------------------------------- + | Deprecations Log Channel + |-------------------------------------------------------------------------- + | + | This option controls the log channel that should be used to log warnings + | regarding deprecated PHP and library features. This allows you to get + | your application ready for upcoming major versions of dependencies. + | + */ + + 'deprecations' => [ + 'channel' => env('LOG_DEPRECATIONS_CHANNEL', 'null'), + 'trace' => false, + ], + /* |-------------------------------------------------------------------------- | Log Channels @@ -65,15 +81,17 @@ return [ 'papertrail' => [ 'driver' => 'monolog', 'level' => env('LOG_LEVEL', 'debug'), - 'handler' => SyslogUdpHandler::class, + 'handler' => env('LOG_PAPERTRAIL_HANDLER', SyslogUdpHandler::class), 'handler_with' => [ 'host' => env('PAPERTRAIL_URL'), 'port' => env('PAPERTRAIL_PORT'), + 'connectionString' => 'tls://'.env('PAPERTRAIL_URL').':'.env('PAPERTRAIL_PORT'), ], ], 'stderr' => [ 'driver' => 'monolog', + 'level' => env('LOG_LEVEL', 'debug'), 'handler' => StreamHandler::class, 'formatter' => env('LOG_STDERR_FORMATTER'), 'with' => [ diff --git a/config/mail.php b/config/mail.php index 54299aab..534395a3 100644 --- a/config/mail.php +++ b/config/mail.php @@ -29,7 +29,7 @@ return [ | mailers below. You are free to add additional mailers as required. | | Supported: "smtp", "sendmail", "mailgun", "ses", - | "postmark", "log", "array" + | "postmark", "log", "array", "failover" | */ @@ -42,7 +42,7 @@ return [ 'username' => env('MAIL_USERNAME'), 'password' => env('MAIL_PASSWORD'), 'timeout' => null, - 'auth_mode' => null, + 'local_domain' => env('MAIL_EHLO_DOMAIN'), ], 'ses' => [ @@ -59,7 +59,7 @@ return [ 'sendmail' => [ 'transport' => 'sendmail', - 'path' => '/usr/sbin/sendmail -bs', + 'path' => env('MAIL_SENDMAIL_PATH', '/usr/sbin/sendmail -bs -i'), ], 'log' => [ @@ -70,6 +70,14 @@ return [ 'array' => [ 'transport' => 'array', ], + + 'failover' => [ + 'transport' => 'failover', + 'mailers' => [ + 'smtp', + 'log', + ], + ], ], /* diff --git a/config/queue.php b/config/queue.php index 12222966..25ea5a81 100644 --- a/config/queue.php +++ b/config/queue.php @@ -39,6 +39,7 @@ return [ 'table' => 'jobs', 'queue' => 'default', 'retry_after' => 90, + 'after_commit' => false, ], 'beanstalkd' => [ @@ -47,6 +48,7 @@ return [ 'queue' => 'default', 'retry_after' => 90, 'block_for' => 0, + 'after_commit' => false, ], 'sqs' => [ @@ -54,9 +56,10 @@ return [ 'key' => env('AWS_ACCESS_KEY_ID'), 'secret' => env('AWS_SECRET_ACCESS_KEY'), 'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'), - 'queue' => env('SQS_QUEUE', 'your-queue-name'), + 'queue' => env('SQS_QUEUE', 'default'), 'suffix' => env('SQS_SUFFIX'), 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), + 'after_commit' => false, ], 'redis' => [ @@ -65,6 +68,7 @@ return [ 'queue' => env('REDIS_QUEUE', 'default'), 'retry_after' => 90, 'block_for' => null, + 'after_commit' => false, ], ], diff --git a/config/sanctum.php b/config/sanctum.php new file mode 100644 index 00000000..529cfdc9 --- /dev/null +++ b/config/sanctum.php @@ -0,0 +1,67 @@ + explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf( + '%s%s', + 'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1', + Sanctum::currentApplicationUrlWithPort() + ))), + + /* + |-------------------------------------------------------------------------- + | Sanctum Guards + |-------------------------------------------------------------------------- + | + | This array contains the authentication guards that will be checked when + | Sanctum is trying to authenticate a request. If none of these guards + | are able to authenticate the request, Sanctum will use the bearer + | token that's present on an incoming request for authentication. + | + */ + + 'guard' => ['web'], + + /* + |-------------------------------------------------------------------------- + | Expiration Minutes + |-------------------------------------------------------------------------- + | + | This value controls the number of minutes until an issued token will be + | considered expired. If this value is null, personal access tokens do + | not expire. This won't tweak the lifetime of first-party sessions. + | + */ + + 'expiration' => null, + + /* + |-------------------------------------------------------------------------- + | Sanctum Middleware + |-------------------------------------------------------------------------- + | + | When authenticating your first-party SPA with Sanctum you may need to + | customize some of the middleware Sanctum uses while processing the + | request. You may change the middleware listed below as required. + | + */ + + 'middleware' => [ + 'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class, + 'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class, + ], + +]; diff --git a/config/services.php b/config/services.php index 2a1d616c..0ace530e 100644 --- a/config/services.php +++ b/config/services.php @@ -18,6 +18,7 @@ return [ 'domain' => env('MAILGUN_DOMAIN'), 'secret' => env('MAILGUN_SECRET'), 'endpoint' => env('MAILGUN_ENDPOINT', 'api.mailgun.net'), + 'scheme' => 'https', ], 'postmark' => [ diff --git a/config/session.php b/config/session.php index e5e458e5..cacffaca 100644 --- a/config/session.php +++ b/config/session.php @@ -72,7 +72,7 @@ return [ | */ - 'connection' => env('SESSION_CONNECTION', null), + 'connection' => env('SESSION_CONNECTION'), /* |-------------------------------------------------------------------------- @@ -100,7 +100,7 @@ return [ | */ - 'store' => env('SESSION_STORE', null), + 'store' => env('SESSION_STORE'), /* |-------------------------------------------------------------------------- @@ -155,7 +155,7 @@ return [ | */ - 'domain' => env('SESSION_DOMAIN', null), + 'domain' => env('SESSION_DOMAIN'), /* |-------------------------------------------------------------------------- @@ -164,7 +164,7 @@ return [ | | By setting this option to true, session cookies will only be sent back | to the server if the browser has a HTTPS connection. This will keep - | the cookie from being sent to you if it can not be done securely. + | the cookie from being sent to you when it can't be done securely. | */