From b7c000b78b9af253fb115bbfa5ef0d4c0681abbb Mon Sep 17 00:00:00 2001
From: Lauri Ojansivu <x@xet7.org>
Date: Mon, 11 Mar 2019 19:47:23 +0200
Subject: Changed brute force protection package from eluck:accounts-lockout to
 lucasantoniassi:accounts-lockout that is maintained and works. Added
 Snap/Docker/Source settings.

Thanks to xet7 !

Closes #1572,
closes #1821
---
 docker-compose.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'docker-compose.yml')

diff --git a/docker-compose.yml b/docker-compose.yml
index 454964e8..ef1580aa 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -221,6 +221,16 @@ services:
       # If you disable Wekan API with false, Export Board does not work.
       - WITH_API=true
       #---------------------------------------------------------------
+      # ==== PASSWORD BRUTE FORCE PROTECTION ====
+      #https://atmospherejs.com/lucasantoniassi/accounts-lockout
+      #Defaults below. Uncomment to change. wekan/server/accounts-lockout.js
+      #- ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE=3
+      #- ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD=60
+      #- ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW=15
+      #- ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE=3
+      #- ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD=60
+      #- ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW=15
+      #---------------------------------------------------------------
       # ==== EMAIL NOTIFICATION TIMEOUT, ms =====
       # Defaut: 30000 ms = 30s
       #- EMAIL_NOTIFICATION_TIMEOUT=30000
-- 
cgit v1.2.3-1-g7c22