v2.0 finalizations

Author: pglombardo

config/defaults/settings.yml

@@ -833,8 +833,11 @@ brand:
 
   ### Site Disclaimer
   #
-  # Environment variable override: PWP__BRAND__DISCLAIMER='Use at own use risk.'
-  # disclaimer: 'This is a dummy disclaimer and should not be considered legally binding or taken seriously in any way. The content provided here is for entertainment and illustrative purposes only. Any resemblance to actual disclaimers is purely coincidental. We do not endorse or encourage the use of this disclaimer for any real-world applications, and we strongly advise consulting a legal professional for creating legitimate and appropriate disclaimers for your specific needs. By reading this disclaimer, you agree not to hold us responsible for any confusion, amusement, or bewilderment it may cause. This disclaimer has no legal validity, and any attempt to rely on it for legal, financial, or any other serious matters is ill-advised. Please use disclaimers responsibly and in accordance with applicable laws and regulations.'
+  # Optional short text shown in the footer (centered, muted). Leave unset to hide.
+  #
+  # Environment variable override: PWP__BRAND__DISCLAIMER='Use subject to org terms. Security: contact your CSO.'
+  #
+  # disclaimer: 'Use of this instance is subject to your organization terms of service. Report misuse or security concerns to your CSO or IT security team.'
 
   ### Show Footer Menu Toggle
   #

config/settings.yml

@@ -833,8 +833,11 @@ brand:
 
   ### Site Disclaimer
   #
-  # Environment variable override: PWP__BRAND__DISCLAIMER='Use at own use risk.'
-  # disclaimer: 'This is a dummy disclaimer and should not be considered legally binding or taken seriously in any way. The content provided here is for entertainment and illustrative purposes only. Any resemblance to actual disclaimers is purely coincidental. We do not endorse or encourage the use of this disclaimer for any real-world applications, and we strongly advise consulting a legal professional for creating legitimate and appropriate disclaimers for your specific needs. By reading this disclaimer, you agree not to hold us responsible for any confusion, amusement, or bewilderment it may cause. This disclaimer has no legal validity, and any attempt to rely on it for legal, financial, or any other serious matters is ill-advised. Please use disclaimers responsibly and in accordance with applicable laws and regulations.'
+  # Optional short text shown in the footer (centered, muted). Leave unset to hide.
+  #
+  # Environment variable override: PWP__BRAND__DISCLAIMER='Use subject to org terms. Security: contact your CSO.'
+  #
+  # disclaimer: 'Use of this instance is subject to your organization terms of service. Report misuse or security concerns to your CSO or IT security team.'
 
   ### Show Footer Menu Toggle
   #

containers/docker/entrypoint.sh

@@ -55,6 +55,10 @@ else
 fi
 echo ""
 
+# v2 release notice (upgrading from 1.x)
+echo "Password Pusher v2 — upgrading from 1.x? See: https://github.com/pglombardo/PasswordPusher/blob/master/UPGRADE-2.0.md"
+echo ""
+
 # Persist DATABASE_URL and RAILS_ENV for shell access (skip when running as arbitrary user, e.g. OpenShift)
 # Create .env.production if missing (no-op if we lack permission; avoids exit due to set -e)
 touch /opt/PasswordPusher/.env.production 2>/dev/null || true

containers/examples/pwpush-and-nginx/env-file

@@ -1,37 +1,54 @@
-# For an explanation of these settings, see:
-# https://docs.pwpush.com/docs/config-strategies/
-#
-export PWP__ENABLE_LOGINS=true
+# Password Pusher 2.0 — example env for pwpush-and-nginx.
+# Full option list and defaults: docker-compose.yml in repo root.
+# Upgrading from 1.x: https://github.com/pglombardo/PasswordPusher/blob/master/UPGRADE-2.0.md
+# Config strategies: https://docs.pwpush.com/docs/config-strategies/
+
+# --- Features (2.0 defaults; set false to disable) ---
+export PWP__ENABLE_URL_PUSHES=true
+export PWP__ENABLE_FILE_PUSHES=true
+export PWP__ENABLE_QR_PUSHES=true
+export PWP__ALLOW_ANONYMOUS=true
+
+# --- Authentication (2.0: logins always on; tune with these) ---
+# export PWP__DISABLE_SIGNUPS=false
+# export PWP__DISABLE_LOGINS=false
+# Enable if you use signup confirmation, forgot password, unlock (requires working SMTP):
+export PWP__ENABLE_USER_ACCOUNT_EMAILS=true
+
+# --- Mail ---
 export PWP__MAIL__RAISE_DELIVERY_ERRORS=true
 export PWP__MAIL__SMTP_ADDRESS=smtp.mydomain.com
 export PWP__MAIL__SMTP_PORT=587
 export PWP__MAIL__SMTP_USER_NAME=smtp-username
 export PWP__MAIL__SMTP_PASSWORD=smtp-password
 export PWP__MAIL__SMTP_AUTHENTICATION=plain
-export PWP__MAIL__SMTP_STARTTLS=true
+export PWP__MAIL__SMTP_ENABLE_STARTTLS_AUTO=true
 export PWP__MAIL__SMTP_OPEN_TIMEOUT=10
 export PWP__MAIL__SMTP_READ_TIMEOUT=10
+export PWP__MAIL__MAILER_SENDER='"Your Name" <name@mydomain.com>'
+
+# --- Deployment & URL ---
 export PWP__HOST_DOMAIN=localhost.dev
 export PWP__HOST_PROTOCOL=https
-export PWP__MAIL__MAILER_SENDER='"Your Name" <name@mydomain.com>'
 
 export PWP__SHOW_VERSION=false
 
-export PWP__ENABLE_FILE_PUSHES=true
-
+# --- Push: files (2.0 compose uses FILES__STORAGE) ---
+export PWP__FILES__STORAGE=local
 export PWP__FILES__EXPIRE_AFTER_DAYS_DEFAULT=2
 export PWP__FILES__EXPIRE_AFTER_DAYS_MAX=7
 export PWP__FILES__EXPIRE_AFTER_VIEWS_DEFAULT=5
 export PWP__FILES__EXPIRE_AFTER_VIEWS_MAX=10
 export PWP__FILES__RETRIEVAL_STEP_DEFAULT=true
 
-export PWP__ENABLE_URL_PUSHES=true
+# --- Branding ---
 export PWP__BRAND__TITLE="Acme Corp"
 export PWP__BRAND__TAGLINE="Generic is Not Good Enough"
-export PWP__BRAND__DISCLAIMER="This is a dummy disclaimer and should not be considered legally binding or taken seriously in any way."
+export PWP__BRAND__DISCLAIMER="Use subject to org terms. Security: contact your CSO."
 export PWP__BRAND__SHOW_FOOTER_MENU=false
 export PWP__BRAND__LIGHT_LOGO=https://pwpush.fra1.cdn.digitaloceanspaces.com/dev%2Facme-logo.jpg
 export PWP__BRAND__DARK_LOGO=https://pwpush.fra1.cdn.digitaloceanspaces.com/dev%2Facme-logo.jpg
 
+# --- Logging ---
 export PWP__LOG_TO_STDOUT=true
 export PWP__LOG_LEVEL=info

containers/helm/values.yaml

@@ -14,9 +14,20 @@ podLabels:
   app: "pwpush"
 
 env: {}
-  # PWP__ENABLE_LOGINS: true
-  # PWP__ENABLE_FILE_PUSHES: true
-  # PWP__FILES__STORAGE: local
+# Optional env map for the pod (2.0). See repo docker-compose.yml and:
+# https://docs.pwpush.com/docs/self-hosted-configuration/
+# Common examples:
+#   PWPUSH_MASTER_KEY: ""                      # production: set via Secret; generate at /pages/generate_key
+#   SECRET_KEY_BASE: ""                        # persist sessions across restarts
+#   PWP__ALLOW_ANONYMOUS: "true"
+#   PWP__DISABLE_SIGNUPS: "false"
+#   PWP__DISABLE_LOGINS: "false"
+#   PWP__ENABLE_USER_ACCOUNT_EMAILS: "false"   # true + SMTP for signup/reset/unlock mail
+#   PWP__ENABLE_URL_PUSHES: "true"
+#   PWP__ENABLE_FILE_PUSHES: "true"
+#   PWP__ENABLE_QR_PUSHES: "true"
+#   PWP__FILES__STORAGE: "local"                # or s3 / gcs / azure per docs
+#   PWP__LOG_TO_STDOUT: "true"
 
 livenessProbe:
   httpGet:

docker-compose.yml

@@ -135,7 +135,8 @@ x-env: &x-env
 
 services:
   pwpush:
-    image: docker.io/pglombardo/pwpush:2.0.0-a
+    # "latest" is mostly reliable; use "stable" for well tested releases.
+    image: docker.io/pglombardo/pwpush:latest
     restart: unless-stopped
     ports:
       - "80:80"