* Cas authentication feature

* Config

* Remove class_eval + Omniauth initializer

* Codeclimate review

* Codeclimate review 2

* Codeclimate review 3

* Remove uid/email reconciliation

* SAML authentication

* Clean up code

* Improve login form

* Fix code style issues

* Add locales

* enforce https in production

* note changes in production env sample

* typo fix

Keystone V2 is deprecated in favour of V3. This adds the necessary
connection parameters for establishing a V3 connection. Connections
to V2 endpoints are still possible and the configuration should
remain compatible.

This also introduces a SWIFT_REGION variable for multi-region
OpenStack environments and a SWIFT_CACHE_TTL that controls how long
tokens and other meta-data is cached for. Caching tokens avoids
rate-limiting errors that would result in media uploads becoming
unavailable during high load or when using tasks like
media:remove_remote. fog-openstack only supports token caching for
V3 endpoints, so a recommendation for using V3 was added.

* Add Rake task for generate VAPID key

* edit config/initializers/vapid.rb

* feat: Register push subscription

* feat: Notify when mentioned

* feat: Boost, favourite, reply, follow, follow request

* feat: Notification interaction

* feat: Handle change of public key

* feat: Unsubscribe if things go wrong

* feat: Do not send normal notifications if push is enabled

* feat: Focus client if open

* refactor: Move push logic to WebPushSubscription

* feat: Better title and body

* feat: Localize messages

* chore: Fix lint errors

* feat: Settings

* refactor: Lazy load

* fix: Check if push settings exist

* feat: Device-based preferences

* refactor: Simplify logic

* refactor: Pull request feedback

* refactor: Pull request feedback

* refactor: Create /api/web/push_subscriptions endpoint

* feat: Spec PushSubscriptionController

* refactor: WebPushSubscription => Web::PushSubscription

* feat: Spec Web::PushSubscription

* feat: Display first media attachment

* feat: Support direction

* fix: Stuff broken while rebasing

* refactor: Integration with session activations

* refactor: Cleanup

* refactor: Simplify implementation

* feat: Set VAPID keys via environment

* chore: Comments

* fix: Crash when no alerts

* fix: Set VAPID keys in testing environment

* fix: Follow link

* feat: Notification actions

* fix: Delete previous subscription

* chore: Temporary logs

* refactor: Move migration to a later date

* fix: Fetch the correct session activation and misc bugs

* refactor: Move migration to a later date

* fix: Remove follow request (no notifications)

* feat: Send administrator contact to push service

* feat: Set time-to-live

* fix: Do not show sensitive images

* fix: Reducer crash in error handling

* feat: Add badge

* chore: Fix lint error

* fix: Checkbox label overlap

* fix: Check for payload support

* fix: Rename action "type" (crash in latest Chrome)

* feat: Action to expand notification

* fix: Lint errors

* fix: Unescape notification body

* fix: Do not allow boosting if the status is hidden

* feat: Add VAPID keys to the production sample environment

* fix: Strip HTML tags from status

* refactor: Better error messages

* refactor: Handle browser not implementing the VAPID protocol (Samsung Internet)

* fix: Error when target_status is nil

* fix: Handle lack of image

* fix: Delete reference to invalid subscriptions

* feat: Better error handling

* fix: Unescape HTML characters after tags are striped

* refactor: Simpify code

* fix: Modify to work with #4091

* Sort strings alphabetically

* i18n: Updated Polish translation

it annoys me that it's not fully localized :P

* refactor: Use current_session in PushSubscriptionController

* fix: Rebase mistake

* fix: Set cacheName to mastodon

* refactor: Pull request feedback

* refactor: Remove logging statements

* chore(yarn): Fix conflicts with master

* chore(yarn): Copy latest from master

* chore(yarn): Readd offline-plugin

* refactor: Use save! and update!

* refactor: Send notifications async

* fix: Allow retry when push fails

* fix: Save track for failed pushes

* fix: Minify sw.js

* fix: Remove account_id from fabricator

- improve docker_entrypoint.sh
- serve static files with puma by default
- sort packages list
- use virtual package for build deps
- show how to assign UID/GID

Fixes #2254

* Add additional documentation and warnings to the WEB_DOMAIN setting.

This feature is largely undocumented, and quite a number of users have
shot them in the feet already despite the warning. Added a bit of documentation
and expanded the warning until we have a mechanism for dealing with conflicting
user URIs.

* Change WEB_DOMAIN comments to point to the extensive online documentation

connection options instead of setting REDIS_HOST etc individually

Close #1986

Without setting it, exim will reject the mail with a message like:
rejected EHLO from [10.20.0.1]: syntactically invalid argument(s): {}

* Allow using an SMTP server without authentication (e.g Postfix relay on the same host) by setting SMTP_LOGIN and SMTP_AUTH_METHOD to 'none'

* Add note in .env.production.sample about SMTP settings for servers where no auth is required

* Assume that SMTP_LOGIN and SMTP_PASSWORD will be blank if we set SMTP_AUTH_METHOD to none

* Allow running mastodon on a different domain as the one used for identifying users

* Alter documentation of WEB_DOMAIN to make clear it shouldn't be used unless the admin knows what they are doing

* Compare to web_domain instead of local_domain when dealing with feeds/API

* Correctly identify mentions to local accounts

Mentions URLs point to the person's web profile, i.e., the user page served on WEB_DOMAIN.

* Custom Paperclip path.

* Document PAPERCLIP_ROOT.

* Add PAPERCLIP_ROOT_URL (and rename PAPERCLIP_ROOT to PAPERCLIP_ROOT_PATH).

* delivery fix

# Conflicts:
#	config/environments/production.rb

* added stub in .env file

* reordered and added a comment

* Allow SMTP auth method customization

* Add SMTP openssl_verify_mode option support

Allows one use self-signed certs with their SMTP server.

* Add SMTP enable_starttls_auto option support

Setting of locale in controller extracted to Localized concern,
the doorkeeper authorized applications controller moved under
custom namespace with inclusion of Localized, which resolves the
"it sometimes appears in a different random language" bug

Small addition in case people want email service options, sparkpost.com gives you 100k/mo free

This adds the ability to filter user signup with a whitelist
instead of or in addition to a blacklist.

Fixes #817

add support for reading S3 protocol from ENV
also add S3_HOSTNAME in .env.production.sample

Make the streaming API also handle websockets (because trying to get the browser EventSource interface to
work flawlessly was a nightmare). WARNING: This commit makes the web UI connect to the streaming API instead
of ActionCable like before. This means that if you are upgrading, you should set that up beforehand.