admin/changemaker.lite
1
0
Fork 0
Code Issues Packages Projects Releases 31 Wiki Activity
changemaker.lite/mkdocs/mkdocs.yml.bak
bunker-admin 91db29402c Add Gitea SSO, fix security audit findings, harden production defaults 
Gitea SSO: cookie-based single sign-on via nginx auth_request — sets
cml_session cookie on login/refresh, validates via /api/auth/gitea-sso-validate,
injects X-WEBAUTH-USER header for reverse proxy auth. Dedicated GITEA_SSO_SECRET
and SERVICE_PASSWORD_SALT env vars isolate secret rotation.

Security fixes from March 30 audit: IDOR on ticketed events (requireEventOwnership
middleware), IDOR on action items (admin/assignee/creator check), path traversal
on photos (resolve-based validation), CSV upload size limit (5MB), shared calendar
email exposure removed.

Gitea provisioner: auto-sync docs repo collaborator access based on role
(CONTENT_ROLES get write, SUPER_ADMIN gets admin). Gitea client extended
with collaborator management API methods.

Production hardening: NODE_ENV defaults to production in docker-compose.prod.yml,
Grafana anonymous auth disabled, install.sh branch ref updated to main.

Admin UI: moved docs reset from toolbar to MkDocs Settings danger zone,
improved collab Ctrl+S to explicitly save + cache-bust preview.

MkDocs site rebuild with updated repo data, upgrade screenshots, and content.

Bunker Admin
2026-03-31 11:20:01 -06:00

274 lines
8.4 KiB
YAML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

site_name: Changemaker Lite
site_description: Build Power. Not Rent It. Own your digital infrastructure.
site_url: https://bnkserve.org
site_author: Bunker Operations
docs_dir: docs
site_dir: site
use_directory_urls: true
# Repository
repo_url: https://gitea.bnkops.com/admin/changemaker.lite
repo_name: changemaker.lite
edit_uri: src/branch/main/mkdocs/docs
# Theme
theme:
name: material
custom_dir: docs/overrides
logo: assets/logo.png
favicon: assets/favicon.png
palette:
- scheme: slate
primary: deep purple
accent: amber
toggle:
icon: material/weather-night
name: Switch to light mode
- scheme: default
primary: deep purple
accent: amber
toggle:
icon: material/weather-sunny
name: Switch to dark mode
font:
text: Inter
code: JetBrains Mono
features:
- announce.dismiss
- content.action.edit
- content.action.view
- content.code.annotate
- content.code.copy
- content.code.select
- content.tabs.link
- content.tooltips
- navigation.footer
- navigation.indexes
- navigation.instant
- navigation.instant.prefetch
- navigation.instant.progress
- navigation.path
- navigation.prune
- navigation.tabs
- navigation.tabs.sticky
- navigation.top
- navigation.tracking
- search.highlight
- search.share
- search.suggest
- toc.follow
# Plugins
plugins:
- search:
separator: '[\s\u200b\-_,:!=\[\]()"`/]+|\.(?!\d)|&[lg]t;|(?!\b)(?=[A-Z][a-z])'
- social:
cards_layout_options:
background_color: "#5BCEFA"
color: "#FFFFFF"
- blog:
blog_dir: blog
post_date_format: medium
archive_name: Archive
categories_name: Categories
authors: true
authors_file: blog/.authors.yml
- tags
# Extra CSS and JS
extra_css:
- stylesheets/extra.css
- stylesheets/home.css
- stylesheets/docs-comments.css
- assets/css/video-player.css
- assets/css/image-gallery.css
- assets/css/payment-widgets.css
extra_javascript:
- javascripts/home.js
- javascripts/github-widget.js
- javascripts/gitea-widget.js
# env-config.js is auto-generated by hooks/env_config_hook.py
- assets/js/env-config.js
- assets/js/video-player.js
- assets/js/image-gallery.js
- assets/js/gancio-events.js
- assets/js/payment-widgets.js
- assets/js/scheduling-poll.js
- javascripts/ad-widgets.js
- javascripts/docs-comments.js
hooks:
- docs/hooks/repo_widget_hook.py
- docs/hooks/env_config_hook.py
- docs/hooks/wikilinks_hook.py
# Markdown Extensions
markdown_extensions:
- abbr
- admonition
- attr_list
- def_list
- footnotes
- md_in_html
- meta
- toc:
permalink: true
title: On this page
- pymdownx.arithmatex:
generic: true
- pymdownx.betterem:
smart_enable: all
- pymdownx.caret
- pymdownx.details
- pymdownx.emoji:
emoji_index: !!python/name:material.extensions.emoji.twemoji
emoji_generator: !!python/name:material.extensions.emoji.to_svg
- pymdownx.highlight:
anchor_linenums: true
line_spans: __span
pygments_lang_class: true
- pymdownx.inlinehilite
- pymdownx.keys
- pymdownx.mark
- pymdownx.smartsymbols
- pymdownx.snippets:
auto_append:
- includes/abbreviations.md
- pymdownx.superfences:
custom_fences:
- name: mermaid
class: mermaid
format: !!python/name:pymdownx.superfences.fence_code_format
- pymdownx.tabbed:
alternate_style: true
combine_header_slug: true
- pymdownx.tasklist:
custom_checkbox: true
- pymdownx.tilde
# Extra configuration
extra:
analytics:
provider: custom
consent:
title: Cookie consent
description: >
We use cookies to recognize your repeated visits and preferences,
as well as to measure the effectiveness of our documentation.
With your consent, you help us improve.
actions:
- accept
- reject
- manage
generator: false
status:
new: Recently added
deprecated: Legacy
social:
- icon: fontawesome/solid/code-branch
link: https://gitea.bnkops.com/admin
name: Gitea Repository
- icon: fontawesome/solid/paper-plane
link: https://listmonk.bnkops.com/subscription/form
name: Newsletter
# Copyright
copyright: >
Copyright © 20242026 The Bunker Operations
<a href="#__consent">Change cookie settings</a>
# Navigation
nav:
- Home: index.md
- Docs:
- docs/index.md
- Getting Started:
- docs/getting-started/index.md
- Installation: docs/getting-started/installation.md
- Services Overview: docs/getting-started/services.md
- Environment Variables: docs/getting-started/environment-variables.md
- First Steps: docs/getting-started/first-steps.md
- Updates & Upgrades: docs/getting-started/upgrades.md
- Control Panel (CCP): docs/getting-started/control-panel.md
- Features at a Glance: docs/getting-started/features.md
- Admin Guide:
- docs/admin/index.md
- Dashboard: docs/admin/dashboard.md
- People & Access: docs/admin/people-access.md
- Advocacy:
- docs/admin/advocacy/index.md
- Campaigns: docs/admin/advocacy/campaigns.md
- Responses: docs/admin/advocacy/responses.md
- Representatives: docs/admin/advocacy/representatives.md
- Email Queue: docs/admin/advocacy/email-queue.md
- Broadcast:
- docs/admin/broadcast/index.md
- Newsletter: docs/admin/broadcast/newsletter.md
- Email Templates: docs/admin/broadcast/email-templates.md
- SMS: docs/admin/broadcast/sms.md
- Web Content:
- docs/admin/web/index.md
- Landing Pages: docs/admin/web/landing-pages.md
- Homepage: docs/admin/web/homepage.md
- Navigation: docs/admin/web/navigation.md
- Documentation: docs/admin/web/documentation.md
- Map & Canvassing:
- docs/admin/map/index.md
- Locations: docs/admin/map/locations.md
- Areas: docs/admin/map/areas.md
- Shifts: docs/admin/map/shifts.md
- Canvassing: docs/admin/map/canvassing.md
- Data Quality: docs/admin/map/data-quality.md
- Map Settings: docs/admin/map/settings.md
- Media:
- docs/admin/media/index.md
- Library: docs/admin/media/library.md
- Analytics: docs/admin/media/analytics.md
- Curated Gallery: docs/admin/media/curated.md
- Moderation: docs/admin/media/moderation.md
- Gallery Ads: docs/admin/media/ads.md
- Payments:
- docs/admin/payments/index.md
- Products: docs/admin/payments/products.md
- Donations: docs/admin/payments/donations.md
- Plans: docs/admin/payments/plans.md
- Settings: docs/admin/payments/settings.md
- Services:
- docs/admin/services/index.md
- Tunnel: docs/admin/services/tunnel.md
- CrowdSec & Security: docs/admin/services/crowdsec.md
- Monitoring: docs/admin/services/monitoring.md
- Integrations: docs/admin/services/integrations.md
- User Provisioning: docs/admin/services/user-provisioning.md
- Settings: docs/admin/settings.md
- User Guide:
- docs/user-guide/index.md
- Campaigns: docs/user-guide/campaigns.md
- Map: docs/user-guide/map.md
- Shifts: docs/user-guide/shifts.md
- Events: docs/user-guide/events.md
- Gallery: docs/user-guide/gallery.md
- Shop & Pricing: docs/user-guide/shop.md
- Donations: docs/user-guide/donations.md
- Your Profile: docs/user-guide/profile.md
- Volunteer Guide:
- docs/volunteer/index.md
- Canvassing: docs/volunteer/canvassing.md
- Shifts: docs/volunteer/shifts.md
- Social: docs/volunteer/social.md
- Achievements: docs/volunteer/achievements.md
- Deployment:
- docs/deployment/index.md
- Architecture:
- docs/architecture/index.md
- Services:
- docs/services/index.md
- API Reference:
- docs/api/index.md
- Troubleshooting:
- docs/troubleshooting/index.md
- Philosophy: docs/phil.md
- Blog:
- blog/index.md
Reference in New Issue View Git Blame Copy Permalink