All module .ini syntax changed to app config - either .php config fil…

…es or .env files

.env.dist

@@ -123,4 +123,56 @@ DEFAULT_SETTING_GITHUB_LIMIT=20
 DEFAULT_SETTING_GITHUB_SINCE='-1 weeks'
 DEFAULT_SETTING_INLINE_MESSAGE=false
 DEFAULT_SETTING_ENABLE_KEYBOARD_SHORTCUTS=1
-DEFAULT_SETTING_ENABLE_SIEVE_FILTER=false
+DEFAULT_SETTING_ENABLE_SIEVE_FILTER=false
+
+
+APP_2FA_SECRET=""
+APP_2FA_SIMPLE=false
+
+CARD_DAV_SERVER=http://localhost:5232
+
+#DYNAMIC LOGIN
+DYNAMIC_HOST=true
+DYNAMIC_HOST_SUBDOMAIN=""
+DYNAMIC_USER=false
+DYNAMIC_SMTP_SUBDOMAIN=""
+DYNAMIC_MAIL_SUBDOMAIN=""
+
+#github.com
+GITHUB_CLIENT_ID=
+GITHUB_CLIENT_SECRET=
+GITHUB_REDIRECT_URI=
+GITHUB_AUTH_URL=https://github.com/login/oauth/authorize
+GITHUB_AUTH_URL=https://github.com/login/oauth/access_token
+
+#gmail
+GMAIL_CLIENT_ID=
+GMAIL_CLIENT_SECRET=
+GMAIL_CLIENT_URI=
+GMAIL_AUTH_URI=https://accounts.google.com/o/oauth2/auth
+GMAIL_TOKEN_URI=https://www.googleapis.com/oauth2/v3/token
+GMAIL_REFRESH_URI=https://www.googleapis.com/oauth2/v3/token
+
+#aoutlook
+OUTLOOK_CLIENT_ID=
+OUTLOOK_CLIENT_SECRET=
+OUTLOOK_CLIENT_URI=
+OUTLOOK_AUTH_URI=https://login.live.com/oauth20_authorize.srf
+OUTLOOK_TOKEN_URI=https://login.live.com/oauth20_token.srf
+OUTLOOK_REFRESH_URI=https://login.live.com/oauth20_token.srf
+
+#ldap
+LDAP_SERVER=localhost
+LDAP_ENABLE_TLS=true
+LDAP_PORT=389
+LDAP_BASE_DN="dc=example,dc=com"
+LDAP_SEARCH_TERM="objectclass=inetOrgPerson"
+LDAP_SEARCH_TERM=false
+LDAP_USER=''
+LDAP_PASS=''
+LDAP_READ_WRITE=true
+
+#WordPress
+WORDPRESS_CLIENT_ID=
+WORDPRESS_CLIENT_SECRET=
+WORDPRESS_CLIENT_URI=

config/2fa.php

@@ -0,0 +1,36 @@
+<?php
+
+return [
+    /* 
+    | --------------------------------------------------------------------
+    | Constants used for 2 factor authentication with Google Authenticator
+    | --------------------------------------------------------------------
+    |
+    | Once you edit this file, you must move it to the directory defined by
+    | app_data_dir in your config/app.php file. No need to re-run the
+    | config_gen.php script.
+    | 
+    | SECURITY ALERT ! MAKE SURE THAT THIS FILE IS NOT ACCESSIBLE BY THE BROWSER ! 
+    | 
+    | Enter the raw secret value (minimum 10 characters) to be used with the Google
+    | Authenticator Application (or any TOTP app providing 6 digit pins). Users
+    | must opt-in for 2fa on the site settings page which provides a QR barcode
+    | to configure Google Authenticator.
+    | 
+    | In order for 2fa to work, your server MUST have an accurate date and time,
+    | otherwise the codes won't match up. NTP is the standard way to keep a server's
+    | time synced: http://www.ntp.org/
+    | 
+    */
+    '2fa_secret' => env('APP_2FA_SECRET', ''),
+
+    /* 
+    |
+    | By default the generated secret will be 64 characters before being base32
+    | encoded. To use a shorter secret that is easier to manually enter, set the
+    | following to true. Note that if you change this setting after users have
+    | enabled 2fa, they will have to use a backup code to login, then reset there
+    | account in the authenticator app.
+    */
+    '2fa_simple' => env('APP_2FA_SIMPLE', false)
+];

config/app.php

@@ -2,11 +2,13 @@
 
 return [
     /* 
-
+    |
     | -----------------------------------------------------------------------------
     | General settings
     | -----------------------------------------------------------------------------
-    |
+    */
+
+    /*
     | ------------
     | Session Type
     | ------------

config/carddav.php

@@ -0,0 +1,22 @@
+<?php
+
+return [
+    /* 
+    | [Personal]
+    | ----------------------------------------
+    | Constants used for CardDav communication
+    | ----------------------------------------
+    |
+    | Once you edit this file, you must move it to the directory defined by
+    | app_data_dir in your config/app.php file. No need to re-run the
+    | config_gen.php script.
+    | 
+    | SECURITY ALERT ! MAKE SURE THAT THIS FILE IS NOT ACCESSIBLE BY THE BROWSER !
+    | 
+    | Create one section for each CardDav backend you want to support. The section
+    | name will be used in the UI for the name of this addressbook
+    | 
+    | 
+    */
+    'server' => env('CARD_DAV_SERVER', 'http://localhost:5232'),
+];

config/dynamic_login.php

@@ -0,0 +1,57 @@
+<?php
+
+return [
+    /* 
+    | ----------------------------------------------
+    | Constants used for dynamic login configuration
+    | ----------------------------------------------
+    |
+    | Once you edit this file, you must move it to the directory defined by
+    | app_data_dir in your config/app.php file. No need to re-run the
+    | config_gen.php script.
+    | 
+    | SECURITY ALERT ! MAKE SURE THAT THIS FILE IS NOT ACCESSIBLE BY THE BROWSER !
+    | 
+    | The dynamic login module set tries to autodetect mail server configurations,
+    | but you can configure it to act specifically with the following settings.
+    | 
+    | Set this to true to use the hostname in the URL used to access Cypht to
+    | determine the domain for mail services (IMAP/SMTP). If this is set to
+    | true, the mail service selection dropdown is not displayed on the login page.
+    | 
+    */
+    'dynamic_host' => env('DYNAMIC_HOST', true),
+
+    /*
+    | If dynamic_host is true, you can strip the subdomain on the url with this
+    | setting. Leave empty for no subdomain. For example, if a user accesses Cypht
+    | at webmail.example.com, set this to "webmail" to use just example.com for the
+    | IMAP/SMTP services.
+    | 
+    */
+    'dynamic_host_subdomain' => env('DYNAMIC_HOST_SUBDOMAIN', ''),
+
+    /*
+    | Set this to true to use the domain portion of an E-mail address used as a
+    | username during login for mail services. Even if this is set to false, it
+    | will still by attempted if dynamic_host is disabled and "other" is selected
+    | from the mail service dropdown. If set to true, the mail service selection
+    | dropdown is not displayed on the login page.
+    */
+    'dynamic_user' => env('DYNAMIC_USER', false),
+
+    /*
+    | Subdomain to prepend to the mail service domain for SMTP. If the mail service
+    | domain is example.com, but the SMTP server is at smtp.example.com, you would
+    | set this to "smtp". Leave blank for no subdomain.
+    */
+    'dynamic_smtp_subdomain' => env('DYNAMIC_SMTP_SUBDOMAIN', ''),
+
+    /*
+    | Subdomain to prepend to the mail service domain for IMAP. If the mail
+    | service is example.com, but the IMAP service is at "mail", you would
+    | set this to "mail". Leave blank for no subdomain.
+    */
+    'dynamic_mail_subdomain' => env('DYNAMIC_MAIL_SUBDOMAIN', ''),
+];
+

config/ldap.php

@@ -0,0 +1,73 @@
+<?php
+
+return [
+    /* 
+    | -------------------------------------
+    | Constants used for LDAP communication
+    | -------------------------------------
+    |
+    | Once you edit this file, you must move it to the directory defined by
+    | app_data_dir in your config/app.php file. No need to re-run the
+    | config_gen.php script.
+    | 
+    | SECURITY ALERT ! MAKE SURE THAT THIS FILE IS NOT ACCESSIBLE BY THE BROWSER ! 
+    | 
+    | Create one section for each LDAP backend you want to support. The section name
+    | will be used in the UI for the name of this addressbook
+    | [Personal]
+    */
+    'ldap' => [
+        /*
+        | LDAP Server hostname or IP address
+        */
+        'server' => env('LDAP_SERVER', 'localhost'),
+
+        /*
+        | Flag to enable or disable TLS connections
+        */
+        'enable_tls' => env('LDAP_ENABLE_TLS', true),
+
+        /*
+        | Port to connect to
+        */
+        'port' => env('LDAP_PORT', 389),
+
+        /*
+        | Base DN
+        */
+        'base_dn' => env('LDAP_BASE_DN', 'dc=example,dc=com'),
+
+        /*
+        | Base DN
+        */
+        'search_term' => env('LDAP_SEARCH_TERM', 'objectclass=inetOrgPerson'),
+
+        /*
+        | Flag to enable user binding. Anonymous binding is used when set to false
+        */
+        'auth' => env('LDAP_SEARCH_TERM', false),
+
+        /*
+        | Global username and password to bind with if auth is set to true. If left
+        | blank, users will have a setting on the Settings -> Site page for this
+        | connection to enter their own
+        */
+        'user' => env('LDAP_USER', ''),
+        'pass' => env('LDAP_PASS', ''),
+
+        /*
+        | Object classes for the addressbook entries
+        */
+        'objectclass' => [
+            'top',
+            'person',
+            'organizationalperson',
+            'inetorgperson'
+        ],
+
+        /*
+        | Flag to allow editing of the addressbook contents
+        */
+        'read_write' => env('LDAP_READ_WRITE', true),
+    ],
+];

config/services.php

@@ -0,0 +1,84 @@
+<?php
+
+return [
+    /* 
+    | [github.com]
+    | -------------------------------------------------------
+    | Constants used for oauth2 communication with github.com
+    | -------------------------------------------------------
+    |
+    | Once you edit this file, you must move it to the directory defined by
+    | app_data_dir in your config/app.php file. No need to re-run the
+    | config_gen.php script.
+    | 
+    | SECURITY ALERT ! MAKE SURE THAT THIS FILE IS NOT ACCESSIBLE BY THE BROWSER !
+    */
+    'github' => [
+        'client_id'     => env('GITHUB_CLIENT_ID', ''),
+        'client_secret' => env('GITHUB_CLIENT_SECRET', ''),
+        'redirect_uri'  => env('GITHUB_REDIRECT_URI', ''),
+        'auth_url'      => env('GITHUB_AUTH_URL', 'https://github.com/login/oauth/authorize'),
+        'token_url'     => env('GITHUB_TOKEN_URL', 'https://github.com/login/oauth/access_token'),
+    ],
+
+    /* 
+    | -------------------------------------------------
+    | Constants used for oauth2 authentication over IMAP
+    | -------------------------------------------------
+    |
+    | Once you edit this file, you must move it to the directory defined by
+    | app_data_dir in your config/app.php file. No need to re-run the
+    | config_gen.php script.
+    | 
+    | SECURITY ALERT ! MAKE SURE THAT THIS FILE IS NOT ACCESSIBLE BY THE BROWSER !
+    | 
+    | Currently there are only two popular E-mail providers supporting IMAP/oauth2,
+    | Outlook and Gmail. In order to use oauth2 you must create a web application
+    | that generates a client id, client secret and a redirect URI, then define them
+    | in this file.
+    | 
+    | Outlook.com https://account.live.com/developers/applications/
+    | Gmail: https://console.developers.google.com/project
+    | 
+    */
+
+    //[gmail]
+    'gmail' => [
+        'client_id'      => env('GMAIL_CLIENT_ID', ''),
+        'client_secret'  => env('GMAIL_CLIENT_SECRET', ''),
+        'client_uri'     => env('GMAIL_CLIENT_URI', ''),
+        'auth_uri'       => env('GMAIL_AUTH_URI', 'https://accounts.google.com/o/oauth2/auth'),
+        'token_uri'      => env('GMAIL_TOKEN_URI', 'https://www.googleapis.com/oauth2/v3/token'),
+        'refresh_uri'    => env('GMAIL_REFRESH_URI', 'https://www.googleapis.com/oauth2/v3/token')
+    ],
+
+    //[outlook]
+    'outlook' => [
+        'client_id'      => env('OUTLOOK_CLIENT_ID', ''),
+        'client_secret'  => env('OUTLOOK_CLIENT_SECRET', ''),
+        'client_uri'     => env('OUTLOOK_CLIENT_URI', ''),
+        'auth_uri'       => env('OUTLOOK_AUTH_URI', 'https://login.live.com/oauth20_authorize.srf'),
+        'token_uri'      => env('OUTLOOK_TOKEN_URI', 'https://login.live.com/oauth20_token.srf'),
+        'refresh_uri'    => env('OUTLOOK_REFRESH_URI', 'https://login.live.com/oauth20_token.srf')
+    ],
+
+    /* 
+    | [wordpress.com]
+    | ----------------------------------------------------------
+    | Constants used for oauth2 communication with WordPress.com
+    | ----------------------------------------------------------
+    |
+    | Once you edit this file, you must move it to the directory defined by
+    | app_data_dir in your config/app.php file. No need to re-run the
+    | config_gen.php script.
+    | 
+    | SECURITY ALERT ! MAKE SURE THAT THIS FILE IS NOT ACCESSIBLE BY THE BROWSER ! 
+    */
+
+    //[wordpress]
+    'wordpress' => [
+        'client_id'      => env('WORDPRESS_CLIENT_ID', ''),
+        'client_secret'  => env('WORDPRESS_CLIENT_SECRET', ''),
+        'client_uri'     => env('WORDPRESS_CLIENT_URI', '')
+    ],
+];

config/themes.php

@@ -0,0 +1,23 @@
+<?php
+
+return [
+    /* 
+    | --------------------------------
+    | Custom themes available in Cypht
+    | --------------------------------
+    |
+    | Once you edit this file, you must move it to the directory defined by
+    | app_data_dir in your config/app.php file. You will also need to re-run the
+    | cconfig_gen.php script.
+    | 
+    | SECURITY ALERT ! MAKE SURE THAT THIS FILE IS NOT ACCESSIBLE BY THE BROWSER !  
+    | 
+    | Define one theme per line, with a pipe character between the filename and UI name.
+    | The CSS file needs to be located modules/themes/assets. The filename used in this
+    | definition should NOT include the ".css" file extension.
+    | 
+    */
+    'theme' => [
+        "yourthemefile|Your Theme Name"
+    ],
+];

index.php

@@ -35,10 +35,8 @@
 /* get includes */
 require APP_PATH.'lib/framework.php';
 
-//get all config array merged
-$all_configs = merge_config_files(APP_PATH.'config');
 /* get configuration */
-$config = new Hm_Site_Config_File($all_configs);
+$config = new Hm_Site_Config_File();
 
 /* setup ini settings */
 if (!$config->get('disable_ini_settings')) {

lib/config.php

@@ -480,8 +480,8 @@ class Hm_Site_Config_File extends Hm_Config {
      * Load data based on source
      * @param string $source source location for site configuration
      */
-    public function __construct($all_configs) {
-        $this->load($all_configs, false);
+    public function __construct($all_configs = []) {
+        $this->load(empty($all_configs) ? merge_config_files(APP_PATH.'config') : $all_configs, false);
     }
 
     /**