diff --git a/.dockerignore b/.dockerignore index 1cd57768..888af20a 100644 --- a/.dockerignore +++ b/.dockerignore @@ -77,5 +77,9 @@ docs/_build/ # PyBuilder target/ -#Ipython Notebook +# Ipython Notebook .ipynb_checkpoints + +# SSO +*.pem +*.crt diff --git a/deployment/common/nginx.conf b/deployment/common/nginx.conf index da22340b..e2af9e29 100644 --- a/deployment/common/nginx.conf +++ b/deployment/common/nginx.conf @@ -58,3 +58,4 @@ server { alias /data/; } } + diff --git a/deployment/common/ssl-proxy.conf b/deployment/common/ssl-proxy.conf index e4746e24..8c838fb7 100644 --- a/deployment/common/ssl-proxy.conf +++ b/deployment/common/ssl-proxy.conf @@ -1,63 +1,63 @@ - server { - listen 80; - server_name merginmaps.company.com; # FIXME +server { + listen 80; + server_name merginmaps.company.com; # FIXME - if ($scheme != "https") { - return 301 https://$host$request_uri; - } + if ($scheme != "https") { + return 301 https://$host$request_uri; } - - upstream app_server { - # route to the application proxy - server 127.0.0.1:8080 fail_timeout=0; - } - - server { - listen 443 ssl; - server_name merginmaps.company.com; # FIXME - client_max_body_size 4G; - - ssl_certificate_key /etc/letsencrypt/live/merginmaps.company.com/privkey.pem; # FIXME - ssl_certificate /etc/letsencrypt/live/merginmaps.company.com/fullchain.pem; # FIXME - - # Don't show version information - server_tokens off; - - # Enable gzip compression - gzip on; - gzip_min_length 10240; - gzip_comp_level 1; - gzip_vary on; - gzip_proxied any; - gzip_types - text/css - text/javascript - application/javascript - application/x-javascript; - - # Prevent crawlers from indexing and following links for all content served from the mergin app - add_header X-Robots-Tag "none"; - - # Protect against clickjacking iframe - add_header Content-Security-Policy "frame-ancestors 'self';" always; - - # Add a HSTS policy to prevent plain http from browser - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - # Set cookies security flags - proxy_cookie_flags ~ secure httponly samesite=strict; - - location / { - root /var/www/html; - - # The lines below were copied from application proxy - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Host $http_host; - # we don't want nginx trying to do something clever with - # redirects, we set the Host: header above already. - proxy_redirect off; - proxy_pass http://app_server; - } +} + +upstream app_server { + # route to the application proxy + server 127.0.0.1:8080 fail_timeout=0; +} + +server { + listen 443 ssl; + server_name merginmaps.company.com; # FIXME + client_max_body_size 4G; + + ssl_certificate_key /etc/letsencrypt/live/merginmaps.company.com/privkey.pem; # FIXME + ssl_certificate /etc/letsencrypt/live/merginmaps.company.com/fullchain.pem; # FIXME + + # Don't show version information + server_tokens off; + + # Enable gzip compression + gzip on; + gzip_min_length 10240; + gzip_comp_level 1; + gzip_vary on; + gzip_proxied any; + gzip_types + text/css + text/javascript + application/javascript + application/x-javascript; + + # Prevent crawlers from indexing and following links for all content served from the mergin app + add_header X-Robots-Tag "none"; + + # Protect against clickjacking iframe + add_header Content-Security-Policy "frame-ancestors 'self';" always; + + # Add a HSTS policy to prevent plain http from browser + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + # Set cookies security flags + proxy_cookie_flags ~ secure httponly samesite=strict; + + location / { + root /var/www/html; + + # The lines below were copied from application proxy + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $http_host; + # we don't want nginx trying to do something clever with + # redirects, we set the Host: header above already. + proxy_redirect off; + proxy_pass http://app_server; } +} diff --git a/deployment/community/.env.template b/deployment/community/.env.template index 4c8aa6aa..4526246e 100644 --- a/deployment/community/.env.template +++ b/deployment/community/.env.template @@ -1,17 +1,19 @@ # This file should contain a set of Mergin Maps configuration definitions along with their default values +# Required for access of your server from the internet in email links +#MERGIN_BASE_URL=http://localhost:5000 +MERGIN_BASE_URL=fixme.example.com -FLASK_APP=application +# fixme: administrator email address for notifications and application initialisation +CONTACT_EMAIL=admin@example.com -# Required for access of your server -#MERGIN_BASE_URL=http://localhost:5000 +# Flask application related + +FLASK_APP=application #DEBUG=FLASK_DEBUG | False FLASK_DEBUG=0 -#LOCAL_PROJECTS=os.path.join(config_dir, os.pardir, os.pardir, 'projects') # for local storage type -LOCAL_PROJECTS=/data - #MAINTENANCE_FILE=os.path.join(LOCAL_PROJECTS, 'MAINTENANCE') # locking file when backups are created MAINTENANCE_FILE=/data/MAINTENANCE @@ -104,6 +106,9 @@ MAIL_SUPPRESS_SEND=0 # data sync +#LOCAL_PROJECTS=os.path.join(config_dir, os.pardir, os.pardir, 'projects') # for local storage type +LOCAL_PROJECTS=/data + #BLACKLIST='.mergin/, .DS_Store, .directory' # cast=Csv() #FILE_EXPIRATION=48 * 3600 # for clean up of old files where diffs were applied, in seconds diff --git a/deployment/enterprise/.env.template b/deployment/enterprise/.env.template index f3ea9473..f51c8bef 100644 --- a/deployment/enterprise/.env.template +++ b/deployment/enterprise/.env.template @@ -1,26 +1,25 @@ # This file should contain a full set of Mergin Maps configuration # definitions along with their default values -FLASK_APP=application -GEODIFF_LOGGER_LEVEL=2 -CONTACT_EMAIL=fixme +# Base URL of your deployment, required for access of your server from the internet in email links +#MERGIN_BASE_URL=http://localhost:5000 +MERGIN_BASE_URL=fixme.example.com +# fixme: administrator email address for notifications and application initialisation +CONTACT_EMAIL=admin@example.com -# ALL VERSIONS ######################################################################################################### +# Flask application related -#DEBUG=FLASK_DEBUG | False +FLASK_APP=application +GEODIFF_LOGGER_LEVEL=2 -#LOCAL_PROJECTS=os.path.join(config_dir, os.pardir, os.pardir, 'projects') # for local storage type -LOCAL_PROJECTS=/data +#DEBUG=FLASK_DEBUG | False #MAINTENANCE_FILE=os.path.join(LOCAL_PROJECTS, 'MAINTENANCE') # locking file when backups are created MAINTENANCE_FILE=/data/MAINTENANCE #PROXY_FIX=True -#SECRET_KEY=NODEFAULT -SECRET_KEY=fix-me - #SWAGGER_UI=False # to enable swagger UI console (for test only) #TEMP_DIR=gettempdir() # trash dir for temp files being cleaned regularly @@ -28,9 +27,6 @@ TEMP_DIR=/data/tmp #TESTING=False -#USER_SELF_REGISTRATION=True - - # Mergin DB related #DB_APPLICATION_NAME=mergin @@ -59,10 +55,20 @@ DB_PORT=5432 # auth related +#USER_SELF_REGISTRATION=True + +#SECRET_KEY=NODEFAULT +SECRET_KEY=fixme + #BEARER_TOKEN_EXPIRATION=3600 * 12 # in seconds +#SECURITY_BEARER_SALT=NODEFAULT SECURITY_BEARER_SALT=fixme + +#SECURITY_EMAIL_SALT=NODEFAULT SECURITY_EMAIL_SALT=fixme + +#SECURITY_PASSWORD_SALT=NODEFAULT SECURITY_PASSWORD_SALT=fixme #WTF_CSRF_ENABLED=True @@ -93,11 +99,14 @@ MAIL_SERVER=fixme #MAIL_USE_TLS=True #MAIL_USERNAME=NODEFAULT -MAIL_USERNAME=fix-me +MAIL_USERNAME=fixme # data sync +#LOCAL_PROJECTS=os.path.join(config_dir, os.pardir, os.pardir, 'projects') # for local storage type +LOCAL_PROJECTS=/data + #BLACKLIST='.mergin/, .DS_Store, .directory' # cast=Csv() #FILE_EXPIRATION=48 * 3600 # for clean up of old files where diffs were applied, in seconds @@ -216,5 +225,27 @@ VECTOR_TILES_STYLE_URL=https://tiles-ee.merginmaps.com//styles/default.json #OVERVIEW_MAX_FILE_SIZE=1048576 # 1MB -# Diagnostic logs from Mobile and QGIS Plugin +### Diagnostic logs from Mobile and QGIS Plugin DIAGNOSTIC_LOGS_DIR=/diagnostic_logs + +### SSO ################################################################################################################ +SSO_ENABLED=False + +# public URL of the SSO server, used for redirecting users to SSO login page +SSO_SERVER_URL=http://localhost:8081 + +# api key used for internal calls to SSO server. +# SSO_SERVER_API_KEY=fixme + +# internal URL of the api server, used for internal calls to polis API +# SSO_SERVER_API_URL=http://merginmaps-proxy:8081 + +# internal URL of the SSO server, used for internal calls to polis Oauth API +# SSO_SERVER_INTERNAL_URL=http://merginmaps-proxy:8081 + +# by default token is alive for 14 days (use seconds as unit +# SSO_SESSION_EXPIRATION=14 * 24 * 3600 + +# This should be the same as SSO connection Product field in admin panel. +# Default value is mergin-maps-product string +# SSO_SERVER_PRODUCT_ID=mergin-maps-product diff --git a/deployment/enterprise/.sso.env.template b/deployment/enterprise/.sso.env.template new file mode 100644 index 00000000..0d3a35bd --- /dev/null +++ b/deployment/enterprise/.sso.env.template @@ -0,0 +1,36 @@ +# Environment variables for Ory Polis SSO server +# for full list check https://www.ory.sh/docs/polis/deploy/env-variables + +# need to be base64 encoded values +# JACKSON_API_KEYS= +# DB_ENCRYPTION_KEY= +# NEXTAUTH_JWT_SIGNING_PRIVATE_KEY= +# NEXTAUTH_SECRET= +# these comes from key pair +# PRIVATE_KEY= +# PUBLIC_KEY= + +NEXTAUTH_ACL= +# fixme with proper credentials +NEXTAUTH_ADMIN_CREDENTIALS=admin@boxy.com:boxy + +# Add some not real domain here. It will be used for SAML application initialization. For more details see: https://www.ory.sh/docs/polis/deploy/env-variables#saml_audience +SAML_AUDIENCE=https://saml.merginmaps.com + +# Chnage in production to real domain where Polis will be deployed +EXTERNAL_URL=http://localhost:8081 +NEXTAUTH_URL=http://localhost:8081 +# beware it should use different db and user in production +DB_URL=postgres://postgres:postgres@db:5432/jackson +DB_ENGINE=sql +DB_TYPE=postgres +DB_TTL=300 +DB_CLEANUP_LIMIT=1000 +DB_MANUAL_MIGRATION=false +BOXYHQ_NO_TELEMETRY=true +BOXYHQ_NO_ANALYTICS=true +DO_NOT_TRACK=true +IDP_ENABLED=false +ADMIN_PORTAL_HIDE_AUDIT_LOGS=true +ADMIN_PORTAL_HIDE_IDENTITY_FEDERATION=true +ADMIN_PORTAL_HIDE_DIRECTORY_SYNC=true diff --git a/deployment/enterprise/README.md b/deployment/enterprise/README.md index 5620c12c..7d93ce42 100644 --- a/deployment/enterprise/README.md +++ b/deployment/enterprise/README.md @@ -1,28 +1,77 @@ # Mergin Maps Enterprise Edition Deployment -Suitable for Ubuntu servers, one node deployment using docker compose and system nginx as a reverse proxy. -> [!IMPORTANT] -> Docker images for Mergin Maps Enterprise edition are stored on a private AWS ECR repository. +Suitable for Ubuntu servers, single-node deployment using Docker Compose and system NGINX as a reverse proxy. + +> [!IMPORTANT] +> Docker images for Mergin Maps Enterprise Edition are stored in a private AWS ECR repository. > To access them, you need a Mergin Maps Enterprise [subscription](https://merginmaps.com/pricing). -> Please contact Mergin Maps [sales team](https://merginmaps.com/contact-sales)! +> Please contact the Mergin Maps [sales team](https://merginmaps.com/contact-sales)! + +## Login to Mergin Maps AWS ECR Repository -## Login to Mergin Maps AWS ECR repository ```shell aws ecr --region eu-west-1 get-login-password | docker login --username AWS --password-stdin 433835555346.dkr.ecr.eu-west-1.amazonaws.com ``` -## Load docker images, configure and run mergin maps stack -For running Mergin Maps you need to load local docker images (if any). Make sure you have access to Lutra's ECR repository. You can check it by running -``` +## Load Docker Images, Configure, and Run Mergin Maps Stack + +To run Mergin Maps, you need to load local Docker images (if any). Make sure you have access to Lutra's ECR repository. You can check this by running: + +```shell docker pull 433835555346.dkr.ecr.eu-west-1.amazonaws.com/mergin/mergin-ee-back:2025.3.0 ``` -Then modify [docker-compose file](docker-compose.yml) and create environment file `.prod.env` from `.env.template`. Details about configuration can be find in [docs](https://merginmaps.com/docs/server/install/). +Then modify the [docker-compose file](docker-compose.yml) and create the environment file `.prod.env` from `.env.template`. Details about configuration can be found in the [docs](https://merginmaps.com/docs/server/install/). ```shell cp .env.template .prod.env ``` -Next step is to create data directory for Mergin Maps `data` with proper permissions. Should you prefer a different location, please do search and replace it in config files (`.prod.env`, `docker-compose.yml`). Make sure your volume is large enough since Mergin Maps keeps all projects files, their history and also needs some space for temporary processing. +The next step is to create a data directory for Mergin Maps (`data`) with proper permissions. If you prefer a different location, please search and replace it in the configuration files (`.prod.env`, `docker-compose.yml`). Ensure your volume is large enough since Mergin Maps stores all project files, their history, and requires space for temporary processing. + +For more details about deployment, please check the [docs](https://merginmaps.com/docs/server/install/#deployment). + +### Configure SSO (Optional) + +For SSO deployment, you need to run the initialization script: + +```shell +cd sso +bash ./sso/sso-init.sh`. +``` + +This will generate a ready-to-use file with some pre-generated secrets needed for the SSO backend. +Alternatively, and most recommended, you can manually create `.sso.env` from the provided `.sso.env.template` and generate your own secret keys as well as other relevant configurations. + +Make sure if the proxy has mounted the [./sso/sso-nginx.conf](./sso/sso-nginx.conf) file in the main [docker-compose.yml](./docker-compose.yml) file. + +Please follow the Mergin Maps [documentation](https://merginmaps.com/docs/server/sso-deployment/) on this topic. + +### Configure WebMaps (Optional) + +WebMaps support is activated with the environment variable `MAPS_ENABLED=True` in the main `.prod.env` configuration file. +Also, check other important WebMaps-related environment variable configurations in the Mergin Maps [docs](https://merginmaps.com/docs/server/environment/#webmaps). + +## Run Mergin Maps Stack + +Finally, initialize your Mergin Maps stack with: + +```shell +docker compose up -d +``` + +If you have WebMaps enabled, after the main Mergin Maps stack is initialized, simply run: + +```shell +docker compose -f docker-compose.sso.yml up -d +# restart merginmaps-proxy nginx in case of any errors with connections +``` + +The Polis server admin panel will then be available at http://localhost:8081. + +If you have WebMaps enabled, after the main Mergin Maps stack is initialized, simply run: + +```shell +docker compose -f docker-compose.maps.yml up -d +``` -For more details about deployment please check [docs](https://merginmaps.com/docs/server/install/#deployment). diff --git a/deployment/enterprise/docker-compose.sso.yml b/deployment/enterprise/docker-compose.sso.yml new file mode 100644 index 00000000..12158df2 --- /dev/null +++ b/deployment/enterprise/docker-compose.sso.yml @@ -0,0 +1,13 @@ +networks: + mergin: + name: mergin-ee + +services: + sso-server: + image: boxyhq/jackson:1.48.2 + container_name: merginmaps-sso-server + restart: always + env_file: + - .sso.env + networks: + - mergin # If you plan to deploy SSO stack on an isolated machine, just comment out this diff --git a/deployment/enterprise/docker-compose.yml b/deployment/enterprise/docker-compose.yml index 3bf085e4..95cb1657 100644 --- a/deployment/enterprise/docker-compose.yml +++ b/deployment/enterprise/docker-compose.yml @@ -5,7 +5,7 @@ networks: services: server: - image: 433835555346.dkr.ecr.eu-west-1.amazonaws.com/mergin/mergin-ee-back:2025.3.0 + image: 433835555346.dkr.ecr.eu-west-1.amazonaws.com/mergin/mergin-ee-back:2025.5.0 container_name: merginmaps-server restart: always user: 901:999 @@ -20,9 +20,8 @@ services: - db networks: - mergin - web: - image: 433835555346.dkr.ecr.eu-west-1.amazonaws.com/mergin/mergin-ee-front:2025.3.0 + image: 433835555346.dkr.ecr.eu-west-1.amazonaws.com/mergin/mergin-ee-front:2025.5.0 container_name: merginmaps-web restart: always depends_on: @@ -31,7 +30,6 @@ services: - .prod.env networks: - mergin - proxy: image: nginxinc/nginx-unprivileged:1.27 container_name: merginmaps-proxy @@ -40,9 +38,12 @@ services: user: 101:999 ports: - "8080:8080" + - "8081:8081" volumes: - ./data:/data # map data dir to host - ../common/nginx.conf:/etc/nginx/templates/default.conf.template + # If using sso, uncomment the next line + # - ./sso/sso-nginx.conf:/etc/nginx/templates/sso.conf.template networks: - mergin depends_on: @@ -50,7 +51,7 @@ services: - server celery-beat: - image: 433835555346.dkr.ecr.eu-west-1.amazonaws.com/mergin/mergin-ee-back:2025.3.0 + image: 433835555346.dkr.ecr.eu-west-1.amazonaws.com/mergin/mergin-ee-back:2025.5.0 container_name: merginmaps-celery-beat restart: always user: 901:999 @@ -66,7 +67,7 @@ services: - mergin celery-worker: - image: 433835555346.dkr.ecr.eu-west-1.amazonaws.com/mergin/mergin-ee-back:2025.3.0 + image: 433835555346.dkr.ecr.eu-west-1.amazonaws.com/mergin/mergin-ee-back:2025.5.0 container_name: merginmaps-celery-worker restart: always user: 901:999 @@ -82,22 +83,19 @@ services: - redis networks: - mergin - db: image: postgres:14 container_name: merginmaps-db restart: always volumes: - ./mergin-db-enterprise:/var/lib/postgresql/data + - ./sso/boxy.sql:/docker-entrypoint-initdb.d/boxy.sql environment: - POSTGRES_DB=mergin - POSTGRES_USER=postgres - POSTGRES_PASSWORD=postgres # !TODO Change this and also change .prod.env $DB_PASSWORD accordingly - ports: - - 5432:5432 networks: - mergin - redis: image: redis container_name: merginmaps-redis diff --git a/deployment/enterprise/ssl-sso-proxy.conf b/deployment/enterprise/ssl-sso-proxy.conf new file mode 100644 index 00000000..59559239 --- /dev/null +++ b/deployment/enterprise/ssl-sso-proxy.conf @@ -0,0 +1,60 @@ + +server { + listen 80; + server_name sso.company.com; # FIXME + + if ($scheme != "https") { + return 301 https://$host$request_uri; + } +} + +upstream sso_server { + # route to the application proxy + server 127.0.0.1:8081 fail_timeout=0; +} + +server { + listen 443 ssl; + server_name sso.company.com; # FIXME + client_max_body_size 4G; + + ssl_certificate_key /etc/letsencrypt/live/sso.company.com/privkey.pem; # FIXME + ssl_certificate /etc/letsencrypt/live/sso.company.com/fullchain.pem; # FIXME + + # Don't show version information + server_tokens off; + + # Enable gzip compression + gzip on; + gzip_min_length 10240; + gzip_comp_level 1; + gzip_vary on; + gzip_proxied any; + gzip_types + text/css + text/javascript + application/javascript + application/x-javascript; + + # Prevent crawlers from indexing and following links for all content served from the mergin app + add_header X-Robots-Tag "none"; + + # Protect against clickjacking iframe + add_header Content-Security-Policy "frame-ancestors 'self';" always; + + # Add a HSTS policy to prevent plain http from browser + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + # Set cookies security flags + proxy_cookie_flags ~ secure httponly samesite=strict; + + location / { + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $http_host; + # we don't want nginx trying to do something clever with + # redirects, we set the Host: header above already. + proxy_redirect off; + proxy_pass http://sso_server; + } +} diff --git a/deployment/enterprise/sso/boxy.sql b/deployment/enterprise/sso/boxy.sql new file mode 100644 index 00000000..dc26244e --- /dev/null +++ b/deployment/enterprise/sso/boxy.sql @@ -0,0 +1,2 @@ +-- Bootstrap script for the database when first initialized. We need to create jackson database as declared in DB_URL variable. +CREATE DATABASE jackson; diff --git a/deployment/enterprise/sso/sso-init.sh b/deployment/enterprise/sso/sso-init.sh new file mode 100755 index 00000000..28255b19 --- /dev/null +++ b/deployment/enterprise/sso/sso-init.sh @@ -0,0 +1,25 @@ +#!/bin/bash +set -eu + +# Create sso env file +grep -v '^#' ../.sso.env.template > ../.sso.env +# create key pair for sso if not present +if [[ ! -f key.pem ]] || [[ ! -f public.crt ]]; then + echo "Generating certificates for sso server..." + openssl req -x509 -newkey rsa:2048 -keyout key.pem -out public.crt -sha256 -days 365 -nodes -batch +fi + + +# generate some random secrets +API_KEY=$(openssl rand -base64 32) +echo JACKSON_API_KEYS=$API_KEY >> ../.sso.env +echo DB_ENCRYPTION_KEY=$(openssl rand -base64 32) >> ../.sso.env +echo DB_ENCRYPTION_KEY=$(openssl rand -base64 32) >> ../.sso.env +echo NEXTAUTH_SECRET=$(openssl rand -base64 32) >> ../.sso.env +echo PUBLIC_KEY=$(cat public.crt | base64 | tr -d '\n') >> ../.sso.env +echo PRIVATE_KEY=$(cat key.pem | base64 | tr -d '\n') >> ../.sso.env + +# mergin maps related env variables +echo SSO_SERVER_API_KEY=$API_KEY >> ../.prod.env +echo SSO_SERVER_INTERNAL_URL=http://merginmaps-proxy:8081 >> ../.prod.env +echo SSO_SERVER_API_URL=http://merginmaps-proxy:8081 >> ../.prod.env diff --git a/deployment/enterprise/sso/sso-nginx.conf b/deployment/enterprise/sso/sso-nginx.conf new file mode 100644 index 00000000..a019a851 --- /dev/null +++ b/deployment/enterprise/sso/sso-nginx.conf @@ -0,0 +1,20 @@ +server { + listen 8081; + listen [::]:8081; + server_name _; + + client_max_body_size 4G; + + # Don't show version information + server_tokens off; + + location / { + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $http_host; + # we don't want nginx trying to do something clever with + # redirects, we set the Host: header above already. + proxy_redirect off; + proxy_pass http://sso-server:5225; + } + } diff --git a/doc/MM_symbol_COLOR_TRANSPARENT.png b/doc/MM_symbol_COLOR_TRANSPARENT.png new file mode 100644 index 00000000..7a60a0e1 Binary files /dev/null and b/doc/MM_symbol_COLOR_TRANSPARENT.png differ diff --git a/server/mergin/config.py b/server/mergin/config.py index 8855b5a8..d3bc65dc 100644 --- a/server/mergin/config.py +++ b/server/mergin/config.py @@ -120,5 +120,5 @@ class Configuration(object): ), ) DIAGNOSTIC_LOGS_MAX_SIZE = config( - "DIAGNOSTIC_LOGS_MAX_SIZE", default=1024 * 1024, cast=int + "DIAGNOSTIC_LOGS_MAX_SIZE", default=10 * 1024 * 1024, cast=int ) diff --git a/server/mergin/version.py b/server/mergin/version.py index d8556b12..818a707c 100644 --- a/server/mergin/version.py +++ b/server/mergin/version.py @@ -4,4 +4,4 @@ def get_version(): - return "2025.4.2" + return "2025.5.0" diff --git a/server/setup.py b/server/setup.py index f6f32998..eefc21aa 100644 --- a/server/setup.py +++ b/server/setup.py @@ -6,7 +6,7 @@ setup( name="mergin", - version="2025.4.2", + version="2025.5.0", url="https://github.com/MerginMaps/mergin", license="AGPL-3.0-only", author="Lutra Consulting Limited",