Hello,
First of all, thank you very, very much for creating this wonderful application! I’ve been searching for something like Vikunja for quite some time and it was like a God-send when I stumbled upon it a week ago.
Now, I would like to suggest two small features:
- an option to hide the API selector on the front/login page - if one wishes to operate a small or home office, there is no need for this to be available; moreover, it might be a security risk, in my opinion, when Vikunka’s login page is exposed on the internet;
- an easier way to add subtasks in a list and having them indented under the parent task, instead of with “>”.
I would be very grateful if you considered these.
Thank you once again!
James
1 Like
Hi James!
Thanks for the kind words.
If you configure the api url in the frontend there won’t be an input field for the api url, just as there is none on try. Another option would be to not install the frontend at the web server and just use the desktoop app exclusively. That would still require the api to be accessible though, either open in the internet or in your local network.
I’m wondering, how could it be a security risk when the Vikunja frontend is exposed to the internet?
There has been some discussion about the indention of sub tasks on the issue tracker.
1 Like
Much obliged for the quick reply!
Help me understand something about the API URL, please. I’m running both in Docker, with nginx reverse proxy (essentially, a stack in Portainer). If I add the following variable to the stack, would it do the trick (i.e. hiding the API field from the login page):
frontend:
image: vikunja/frontend
environment:
VIKUNJA_API_URL: 10.0.0.10:3456
restart: unless-stopped
Yes, that should work. You’ll need to prefix the url with http:// though.
I did, but the API field is still visible. Should I disable the proxy in the stack and just set a port for the frontend?
Well, both - the first one is visible and when you click on “change” the URL field appears, albeit populated. I was hoping there was a way to hide the whole “Sign in to your Vikunja account on…” section.
Ah now I understand what you mean. I thought you only talked about the url field.
There is no way to hide the whole section.
Right. Well, if you could see your way to addting this as an option, that would be marvelous.
The “problem” is that the frontend is stateless - there’s no real way to configure things. (the docker container uses an env variable to do this in a startup script at runtime)
I’m not that well-versed in software development, but if the frontend is “built” (the way I understand it) at runtime, why not set an environment variable that simply tells Docker not to add this particular HTML element on the login page?
Kind of, a cleaner way would be to set a js global variable which controls if the input is shown or not. Then the docker startup script would set that like it does with the api url variable.
I’d merge a PR with that but probably won’t implement it myself anytime soon.
