AppFlowy-Cloud icon indicating copy to clipboard operation
AppFlowy-Cloud copied to clipboard

Published 20 hours ago verified publisher icon AppFlowy-IO

[FR] Limit signups

Open CedericN opened this issue 10 months ago • 11 comments

1~3 main use cases of the proposed feature It would be useful to add a setting (in docker or with an admin account) to not allow sighnups (so only possible when getting an invite)

what types of users can benefit from using your proposed feature This can be usefull for people who host this on small home servers/vps that does not have a lot of disk space/processing power.

Additional context For now I don't think it will be an issue that random people will start to sign up at random self hosed sited. But when this gets bigger (Which I think will probably happen) this can be a bigger issue

CedericN avatar Apr 15 '24 15:04 CedericN

@CedericN You can disable all signups after setting up all your accounts.

To disable signups:

  1. Open docker-compose.yml and add the following in services.gotrue.environment: GOTRUE_DISABLE_SIGNUP=false
  2. Apply the settings by running docker compose up -d

speed2exe avatar Apr 17 '24 17:04 speed2exe

Ooh I must have mist that setting.

But will this also disable signups by invite Link or will those still be possible?

CedericN avatar Apr 18 '24 04:04 CedericN

@CedericN It will not be possible. but you still can log in with admin account, then create user from there.

speed2exe avatar Apr 19 '24 04:04 speed2exe

Ooh okay, it would be nice/helpful to have this in the future but for now this is already really useful

CedericN avatar Apr 19 '24 04:04 CedericN

Hello,

Where GOTRUE_DISABLE_SIGNUP is documented ?

Best regards

henri9813 avatar May 09 '24 10:05 henri9813

Hello,

Setting the variable to false does nothing, it must be set to true to have the following result image

However, setting this to true make appflowy Crash because it can create the admin account ( which already exist ... )

appflowy_cloud-1    | AppFlowy Cloud with RUST_LOG=info
appflowy_cloud-1    | {"timestamp":"2024-05-09T11:37:53.208614Z","level":"INFO","fields":{"message":"Preparing to run database migrations..."},"target":"appflowy_cloud::application"}
appflowy_cloud-1    | {"timestamp":"2024-05-09T11:37:53.208629Z","level":"INFO","fields":{"message":"Connecting to postgres database with setting: DatabaseSetting { pg_conn_opts: PgConnectOptions { host: \"postgres\", port: 5432, socket: None, username: \"postgres\", password: Some(\"password\"), database: Some(\"postgres\"), ssl_mode: Prefer, ssl_root_cert: None, ssl_client_cert: None, ssl_client_key: None, statement_cache_capacity: 100, application_name: None, log_settings: LogSettings { statements_level: Debug, slow_statements_level: Warn, slow_statements_duration: 1s }, extra_float_digits: Some(\"2\"), options: None }, require_ssl: false, max_connections: 40, database_name: postgres }"},"target":"appflowy_cloud::application"}
appflowy_cloud-1    | {"timestamp":"2024-05-09T11:37:53.212418Z","level":"INFO","fields":{"message":"Setting up S3 bucket..."},"target":"appflowy_cloud::application"}
appflowy_cloud-1    | {"timestamp":"2024-05-09T11:37:53.212424Z","level":"INFO","fields":{"message":"Connecting to S3 bucket with setting: S3Setting { use_minio: true, minio_url: \"http://minio:9000\", access_key: \"minioadmin\", secret_key: Secret([REDACTED alloc::string::String]), bucket: \"appflowy\", region: \"\" }"},"target":"appflowy_cloud::application"}
appflowy_cloud-1    | {"timestamp":"2024-05-09T11:37:53.222239Z","level":"INFO","fields":{"message":"Connecting to GoTrue..."},"target":"appflowy_cloud::application"}
appflowy_cloud-1    | {"timestamp":"2024-05-09T11:37:53.222248Z","level":"INFO","fields":{"message":"Connecting to GoTrue with setting: GoTrueSetting { base_url: \"http://gotrue:9999\", ext_url: \"https://appflowy.gladhost.cloud\", jwt_secret: Secret([REDACTED alloc::string::String]), admin_email: \"[email protected]\", admin_password: Secret([REDACTED alloc::string::String]) }"},"target":"appflowy_cloud::application"}
appflowy_cloud-1    | {"timestamp":"2024-05-09T11:37:53.226838Z","level":"ERROR","fields":{"error":"code: 403, msg:Signups not allowed for this instance, error_id: None"},"target":"gotrue::api","span":{"name":"sign_up"},"spans":[{"name":"sign_up"}]}
appflowy_cloud-1    | Error: Failed to initialize application state: code: 403, msg:Signups not allowed for this instance, error_id: None
appflowy_cloud-1    | 
appflowy_cloud-1    | Stack backtrace:
appflowy_cloud-1    |    0: anyhow::error::<impl anyhow::Error>::msg
appflowy_cloud-1    |    1: tokio::task::local::LocalSet::run_until::{{closure}}
appflowy_cloud-1    |    2: appflowy_cloud::main
appflowy_cloud-1    |    3: std::sys_common::backtrace::__rust_begin_short_backtrace
appflowy_cloud-1    |    4: main
appflowy_cloud-1    |    5: <unknown>
appflowy_cloud-1    |    6: __libc_start_main
appflowy_cloud-1    |    7: _start

henri9813 avatar May 09 '24 11:05 henri9813

@henri9813 During the initial set up, the admin will registered itself, it should work after the initial run. GOTRUE_DISABLE_SIGNUP is not documented yet.

speed2exe avatar May 09 '24 12:05 speed2exe

Hello,

Yes, but if a restart appflowy container, the container doesn't start anymore !

I open a related issue to fix this issue: https://github.com/AppFlowy-IO/AppFlowy-Cloud/issues/544

henri9813 avatar May 09 '24 12:05 henri9813

I'm having problems. When i add that line to the docker-compose.yml, it blocks sign-up's correctlu, but makes having problems to log in.

error-log-in

DrilealoTatarara avatar May 16 '24 11:05 DrilealoTatarara