diff --git a/README.md b/README.md index f5512b6..1a515b3 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ With GoToSocial, you can keep in touch with your friends, post, read, and share Documentation is at [docs.gotosocial.org](https://docs.gotosocial.org). -**Shipped version:** 0.5.2~ynh2 +**Shipped version:** 0.6.0~ynh1 ## Screenshots diff --git a/README_fr.md b/README_fr.md index b89f90a..b5198fb 100644 --- a/README_fr.md +++ b/README_fr.md @@ -24,7 +24,7 @@ Avec GoToSocial, vous pouvez rester en contact avec vos amis, publier, lire et p Vous pouvez consulter la documentation à l'adresse : [docs.gotosocial.org](https://docs.gotosocial.org). -**Version incluse :** 0.5.2~ynh2 +**Version incluse :** 0.6.0~ynh1 ## Captures d'écran diff --git a/check_process b/check_process index d4a8bf6..29bba52 100644 --- a/check_process +++ b/check_process @@ -18,9 +18,9 @@ setup_private=0 setup_public=1 upgrade=1 - upgrade=1 from_commit=460048e78df8a195b1eca5994a4699079954b312 upgrade=1 from_commit=29c7d0df5dd6e3d90070f242b74cce980676cd72 upgrade=1 from_commit=5c1c052995a10d899abcb0e4d4fa1c1dc35f84a5 + upgrade=1 from_commit=1b6c1c62e022f04afa02bf128f419e77a72bf1e9 backup_restore=1 multi_instance=1 port_already_use=1 @@ -29,9 +29,9 @@ Email= Notification=none ;;; Upgrade options - ; commit=460048e78df8a195b1eca5994a4699079954b312 - name=0.2.1~ynh3 ; commit=29c7d0df5dd6e3d90070f242b74cce980676cd72 name=0.3.6~ynh1 ; commit=5c1c052995a10d899abcb0e4d4fa1c1dc35f84a5 name=v0.4.0~ynh1 + ; commit=1b6c1c62e022f04afa02bf128f419e77a72bf1e9 + name=0.5.2~ynh2 \ No newline at end of file diff --git a/conf/arm64.src b/conf/arm64.src index 7189ce0..1d614fc 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -1,7 +1,7 @@ -SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.5.2/gotosocial_0.5.2_linux_arm64.tar.gz -SOURCE_SUM=2397164501857c900a8b446763d1a87e01ada9502fc2878f1c828e33fb35f058 +SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.6.0/gotosocial_0.6.0_linux_arm64.tar.gz +SOURCE_SUM=a97b3aad81f72b990e9982686e6906599522cc8ec442d1e2d02ebba03b125168 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_EXTRACT=true SOURCE_IN_SUBDIR=false -SOURCE_FILENAME=gotosocial_0.5.2_linux_arm64.tar.gz +SOURCE_FILENAME=gotosocial_0.6.0_linux_arm64.tar.gz diff --git a/conf/armv6.src b/conf/armv6.src index ff4e4d1..03fc737 100644 --- a/conf/armv6.src +++ b/conf/armv6.src @@ -1,7 +1,7 @@ -SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.5.2/gotosocial_0.5.2_linux_armv6.tar.gz -SOURCE_SUM=b34a2eec1a043c36f53aac099fff71b6ae152050b43eeb8447907bda61e44159 +SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.6.0/gotosocial_0.6.0_linux_armv6.tar.gz +SOURCE_SUM=10e3d227e738fd58ee6a1dca778667dbbc63933640a168b9cc5fc97203c7f26c SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_EXTRACT=true SOURCE_IN_SUBDIR=false -SOURCE_FILENAME=gotosocial_0.5.2_linux_armv6.tar.gz +SOURCE_FILENAME=gotosocial_0.6.0_linux_armv6.tar.gz diff --git a/conf/armv7.src b/conf/armv7.src index 3ebec5a..adf827d 100644 --- a/conf/armv7.src +++ b/conf/armv7.src @@ -1,7 +1,7 @@ -SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.5.2/gotosocial_0.5.2_linux_armv7.tar.gz -SOURCE_SUM=aacb6095d28ad3fb3ec34083d8a875023591777e7239a95847b04ee8bcd83d8d +SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.6.0/gotosocial_0.6.0_linux_armv7.tar.gz +SOURCE_SUM=e9f1cc03b18faeae2009781c6a2f6f9138c37aa85f4b2c5954c12a4798ed6208 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_EXTRACT=true SOURCE_IN_SUBDIR=false -SOURCE_FILENAME=gotosocial_0.5.2_linux_armv7.tar.gz +SOURCE_FILENAME=gotosocial_0.6.0_linux_armv7.tar.gz diff --git a/conf/config.yaml b/conf/config.yaml index 1dbde53..3a1c976 100644 --- a/conf/config.yaml +++ b/conf/config.yaml @@ -35,6 +35,11 @@ log-db-queries: false # Default: "gotosocial" application-name: "__APP__" +# String. The user that will be shown instead of the landing page. if no user is set, the landing page will be shown. +# Examples: "admin" +# Default: "" +landing-page-user: "__LANDING_PAGE_USER__" + # String. Hostname that this server will be reachable at. Defaults to localhost for local testing, # but you should *definitely* change this when running for real, or your server won't work at all. # DO NOT change this after your server has already run once, or you will break things! @@ -45,12 +50,20 @@ host: "__DOMAIN__" # String. Domain to use when federating profiles. This is useful when you want your server to be at # eg., "gts.example.org", but you want the domain on accounts to be "example.org" because it looks better # or is just shorter/easier to remember. +# # To make this setting work properly, you need to redirect requests at "example.org/.well-known/webfinger" # to "gts.example.org/.well-known/webfinger" so that GtS can handle them properly. +# # You should also redirect requests at "example.org/.well-known/nodeinfo" in the same way. # An empty string (ie., not set) means that the same value as 'host' will be used. +# # DO NOT change this after your server has already run once, or you will break things! +# # Examples: ["example.org","server.com"] +# +# Please read the appropriate section of the installation guide before you go messing around with this setting: +# https://docs.gotosocial.org/installation_guide/advanced/#can-i-host-my-instance-at-fediexampleorg-but-have-just-exampleorg-in-my-username +# # Default: "" account-domain: "" @@ -84,9 +97,10 @@ port: __PORT__ # If you're running inside a Docker container behind Traefik or Nginx, for example, add the subnet of your docker network, # or the gateway of the docker network, and/or the address of the reverse proxy (if it's not running on the host network). # Example: ["127.0.0.1/32", "172.20.0.1"] -# Default: ["127.0.0.1/32"] (localhost) +# Default: ["127.0.0.1/32", "::1"] (localhost ipv4 + ipv6) trusted-proxies: - "127.0.0.1/32" + - "::1" ############################ ##### DATABASE CONFIG ###### @@ -186,6 +200,13 @@ instance-expose-peers: __INSTANCE_EXPOSE_PEERS__ # Default: false instance-expose-suspended: __INSTANCE_EXPOSE_SUSPENDED__ +# Bool. Allow unauthenticated users to make queries to /api/v1/timelines/public in order +# to see a list of public posts on this server. Even if set to 'false', then authenticated +# users (members of the instance) will still be able to query the endpoint. +# Options: [true, false] +# Default: false +instance-expose-public-timeline: __INSTANCE_EXPOSE_PUBLIC_TIMELINE__ + # Bool. This flag tweaks whether GoToSocial will deliver ActivityPub messages # to the shared inbox of a recipient, if one is available, instead of delivering # each message to each actor who should receive a message individually. @@ -298,12 +319,12 @@ media-emoji-remote-max-size: __MEDIA_EMOJI_REMOTE_MAX_SIZE__ # String. Type of storage backend to use. # Examples: ["local", "s3"] # Default: "local" (storage on local disk) -# NOTE: s3 storage is not yet supported! -storage-backend: "local" +storage-backend: "__STORAGE_BACKEND__" # String. Directory to use as a base path for storing files. # Make sure whatever user/group gotosocial is running as has permission to access # this directory, and create new subdirectories and files within it. +# Only required when running with the local storage backend. # Examples: ["/home/gotosocial/storage", "/opt/gotosocial/datastorage"] # Default: "/gotosocial/storage" storage-local-base-path: "__DATADIR__" @@ -312,20 +333,25 @@ storage-local-base-path: "__DATADIR__" # Only required when running with the s3 storage backend. # Examples: ["minio:9000", "s3.nl-ams.scw.cloud", "s3.us-west-002.backblazeb2.com"] # Default: "" -storage-s3-endpoint: "" +storage-s3-endpoint: "__STORAGE_S3_ENDPOINT__" + +# Bool. If data stored in S3 should be proxied through GoToSocial instead of redirecting to a presigned URL. +# +# Default: false +storage-s3-proxy: __STORAGE_S3_PROXY__ # String. Access key part of the S3 credentials. # Consider setting this value using environment variables to avoid leaking it via the config file # Only required when running with the s3 storage backend. # Examples: ["AKIAJSIE27KKMHXI3BJQ","miniouser"] # Default: "" -storage-s3-access-key: "" +storage-s3-access-key: "__STORAGE_S3_ACCESS_KEY__" # String. Secret key part of the S3 credentials. # Consider setting this value using environment variables to avoid leaking it via the config file # Only required when running with the s3 storage backend. # Examples: ["5bEYu26084qjSFyclM/f2pz4gviSfoOg+mFwBH39","miniopassword"] # Default: "" -storage-s3-secret-key: "" +storage-s3-secret-key: "__STORAGE_S3_SECRET_KEY__" # String. Name of the storage bucket. # # If you have already encoded your bucket name in the storage-s3-endpoint, this @@ -336,7 +362,7 @@ storage-s3-secret-key: "" # Only required when running with the s3 storage backend. # Examples: ["gts","cool-instance"] # Default: "" -storage-s3-bucket: "" +storage-s3-bucket: "__STORAGE_S3_BUCKET__" ########################### ##### STATUSES CONFIG ##### @@ -550,4 +576,21 @@ syslog-address: "localhost:514" # # Options: ["lax", "strict"] # Default: "lax" -advanced-cookies-samesite: "lax" +advanced-cookies-samesite: "__ADVANCED_COOKIES_SAMESITE__" + +# Int. Amount of requests to permit from a single IP address within a span of 5 minutes. +# If this amount is exceeded, a 429 HTTP error code will be returned. +# See https://docs.gotosocial.org/en/latest/api/swagger/#rate-limit. +# +# If you find yourself adjusting this limit because it's regularly being exceeded, +# you should first verify that your settings for `trusted-proxies` (above) are correct. +# In many cases, when the rate limit is exceeded it is because your instance sees all +# incoming requests as coming from the *same IP address* (you can verify this by looking +# at the client IPs in your instance logs). If this is the case, try adding that IP +# address to your `trusted-proxies` *BEFORE* you go adjusting this rate limit setting! +# +# If you set this to 0 or less, rate limiting will be disabled entirely. +# +# Examples: [1000, 500, 0] +# Default: 1000 +advanced-rate-limit-requests: __ADVANCED_RATE_LIMIT_REQUESTS__ diff --git a/conf/i386.src b/conf/i386.src index 954905d..a6df2ed 100644 --- a/conf/i386.src +++ b/conf/i386.src @@ -1,7 +1,7 @@ -SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.5.2/gotosocial_0.5.2_linux_386.tar.gz -SOURCE_SUM=2963a38f686011f451424152b12db7dc1f0833135b8fb007c44f9f9cb4e5f823 +SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.6.0/gotosocial_0.6.0_linux_386.tar.gz +SOURCE_SUM=228cf5dac5f8fda9a9711963b6834ca782ed553207e78dc6f8132f30c4aa318f SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_EXTRACT=true SOURCE_IN_SUBDIR=false -SOURCE_FILENAME=gotosocial_0.5.2_linux_386.tar.gz +SOURCE_FILENAME=gotosocial_0.6.0_linux_386.tar.gz diff --git a/conf/x86-64.src b/conf/x86-64.src index e87a1f0..7f3b436 100644 --- a/conf/x86-64.src +++ b/conf/x86-64.src @@ -1,7 +1,7 @@ -SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.5.2/gotosocial_0.5.2_linux_amd64.tar.gz -SOURCE_SUM=44f93be505646e1b144896032bed37984acf1dc3a0435b3bb7bbc8354a06369b +SOURCE_URL=https://github.com/superseriousbusiness/gotosocial/releases/download/v0.6.0/gotosocial_0.6.0_linux_amd64.tar.gz +SOURCE_SUM=4d7e2a569b625e5854ff00f5c0574870a3643d74821cfe7f923e0408ff3db2fc SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_EXTRACT=true SOURCE_IN_SUBDIR=false -SOURCE_FILENAME=gotosocial_0.5.2_linux_amd64.tar.gz +SOURCE_FILENAME=gotosocial_0.6.0_linux_amd64.tar.gz diff --git a/config_panel.toml b/config_panel.toml index 1a5a4a6..681af8a 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -1,10 +1,11 @@ version = "1.0" -[gotosocial] +[main] services = ["__APP__"] -name = "GoToSocial configuration panel" +name.en = "Main configuration" +name.fr = "Configuration principale" help = "Here you can easily configure some things about your GoToSocial instance." @@ -12,13 +13,13 @@ help = "Here you can easily configure some things about your GoToSocial instance #### ACCOUNTS CONFIG #################### -[gotosocial.accounts] +[main.accounts] name = "Accounts config" help = "Config pertaining to creation and maintenance of accounts on the server, as well as defaults for new accounts." -[gotosocial.accounts.registration_open] +[main.accounts.registration_open] ask.en = "Open registrations?" ask.fr = "Inscriptions ouvertes ?" bind = "accounts-registration-open:__FINALPATH__/config.yaml" @@ -28,7 +29,7 @@ help.en = "Do we want people to be able to just submit sign up requests, or do w help.fr = "Voulez-vous que les gens puissent simplement envoyer des demandes d'inscription, ou voulez-vous qu'iels doivent être invité-e-s ?" type = "select" -[gotosocial.accounts.approval_required] +[main.accounts.approval_required] ask.en = "Approval required?" ask.fr = "Validation requise ?" bind = "accounts-approval-required:__FINALPATH__/config.yaml" @@ -38,7 +39,7 @@ help.en = "Do sign up requests require approval from an admin/moderator before a help.fr = "Les demandes d'inscription doivent-elles être approuvées par un-e administrateur-ice/modérateur-ice avant qu'un compte puisse se connecter/utiliser le serveur ?" type = "select" -[gotosocial.accounts.reason_required] +[main.accounts.reason_required] ask.en = "Reason required?" ask.fr = "Motif requis ?" bind = "accounts-reason-required:__FINALPATH__/config.yaml" @@ -48,7 +49,7 @@ help.en = "Are sign up requests required to submit a reason for the request (eg. help.fr = "Les demandes d'inscription doivent-elles être motivées (par exemple, par une explication de la raison pour laquelle la personne souhaite rejoindre l'instance) ?" type = "select" -[gotosocial.accounts.allow_custom_css] +[main.accounts.allow_custom_css] ask.en = "Allow custom CSS?" ask.fr = "Autoriser le CSS personnalisé ?" bind = "accounts-allow-custom-css:__FINALPATH__/config.yaml" @@ -68,12 +69,12 @@ type = "select" #### MEDIA CONFIG ################# -[gotosocial.media] +[main.media] name = "Media config" help = "Config pertaining to user media uploads (videos, image, image descriptions)." -[gotosocial.media.media_image_max_size] +[main.media.media_image_max_size] ask.en = "Maximum allowed image upload size in bytes." ask.fr = "Taille maximale autorisée pour le téléchargement d'images, en octets." bind = "media-image-max-size:__FINALPATH__/config.yaml" @@ -82,7 +83,7 @@ help.en = "Default: 2097152 -- aka 2MB" help.fr = "Valeur par défaut : 2097152 (soit 2 Mo)" type = "number" -[gotosocial.media.media_video_max_size] +[main.media.media_video_max_size] ask.en = "Maximum allowed video upload size in bytes." ask.fr = "Taille maximale autorisée pour le téléchargement de vidéos, en octets." bind = "media-video-max-size:__FINALPATH__/config.yaml" @@ -91,7 +92,7 @@ help.en = "Default: 10485760 -- aka 10MB" help.fr = "Valeur par défaut : 10485760 (soit 10 Mo)" type = "number" -[gotosocial.media.media_description_min_chars] +[main.media.media_description_min_chars] ask.en = "Minimum amount of characters required as an image or video description." ask.fr = "Nombre minimum de caractères requis pour la description d'une image ou d'une vidéo." bind = "media-description-min-chars:__FINALPATH__/config.yaml" @@ -100,7 +101,7 @@ help.en = "Default: 0 (not required)" help.fr = "Valeur par défaut : 0 (non obligatoire)" type = "number" -[gotosocial.media.media_description_max_chars] +[main.media.media_description_max_chars] ask.en = "Maximum amount of characters permitted in an image or video description." ask.fr = "Nombre maximum de caractères requis pour la description d'une image ou d'une vidéo." bind = "media-description-max-chars:__FINALPATH__/config.yaml" @@ -109,7 +110,7 @@ help.en = "Default: 500" help.fr = "Valeur par défaut : 500" type = "number" -[gotosocial.media.media_remote_cache_days] +[main.media.media_remote_cache_days] ask.en = "Number of days to cache media from remote instances before they are removed from the cache." ask.fr = "Nombre de jours de mise en cache des médias des instances distantes avant qu'ils ne soient retirés du cache." bind = "media-remote-cache-days:__FINALPATH__/config.yaml" @@ -126,7 +127,7 @@ Si la valeur 0 est attribuée à ce paramètre, les médias des instances distan """ type = "number" -[gotosocial.media.media_emoji_local_max_size] +[main.media.media_emoji_local_max_size] ask.en = "Max size in bytes of emojis uploaded to this instance via the admin API." ask.fr = "Taille maximale en octets des emojis téléchargés vers cette instance via l'API d'administration." bind = "media-emoji-local-max-size:__FINALPATH__/config.yaml" @@ -139,7 +140,7 @@ La valeur par défaut est la même que la limite de taille des emojis de Mastodo Si vous augmentez cette limite, vous risquez d'avoir des problèmes avec la fédération de vos emojis à d'autres instances, alors faites preuve de prudence.""" type = "number" -[gotosocial.media.media_emoji_remote_max_size] +[main.media.media_emoji_remote_max_size] ask.en = "Max size in bytes of emojis to download from other instances." ask.fr = "Taille maximale en octets des emojis téléchargeables à partir d'autres instances." bind = "media-emoji-remote-max-size:__FINALPATH__/config.yaml" @@ -156,12 +157,12 @@ type = "number" ### STATUSES CONFIG ################### -[gotosocial.statuses] +[main.statuses] name = "Status config" help = "Config pertaining to the creation of statuses/posts, and permitted limits." -[gotosocial.statuses.statuses_max_chars] +[main.statuses.statuses_max_chars] ask.en = "Maximum amount of characters permitted for a new status." ask.fr = "Nombre maximal de caractères autorisés pour un nouveau statut." bind = "statuses-max-chars:__FINALPATH__/config.yaml" @@ -170,7 +171,7 @@ help.en = "Default: 5000. Note that going way higher than the default might brea help.fr = "Valeur par défaut : 5000. Notez que si vous dépassez la valeur par défaut, vous risquez de compromettre la fédération." type = "number" -[gotosocial.statuses.statuses_cw_max_chars] +[main.statuses.statuses_cw_max_chars] ask.en = "Maximum amount of characters allowed in the CW/subject header of a status." ask.fr = "Nombre maximum de caractères autorisés dans l'en-tête CW/sujet d'un statut." bind = "statuses-cw-max-chars:__FINALPATH__/config.yaml" @@ -179,7 +180,7 @@ help.en = "Default: 100. Note that going way higher than the default might break help.fr = "Valeur par défaut : 100. Notez que si vous dépassez la valeur par défaut, vous risquez de compromettre la fédération." type = "number" -[gotosocial.statuses.statuses_poll_max_options] +[main.statuses.statuses_poll_max_options] ask.en = "Maximum amount of options to permit when creating a new poll." ask.fr = "Nombre maximum d'options autorisées lors de la création d'un nouveau sondage." bind = "statuses-poll-max-options:__FINALPATH__/config.yaml" @@ -188,7 +189,7 @@ help.en = "Default: 6. Note that going way higher than the default might break f help.fr = "Valeur par défaut : 6. Notez que si vous dépassez la valeur par défaut, vous risquez de compromettre la fédération." type = "number" -[gotosocial.statuses.statuses_poll_option_max_chars] +[main.statuses.statuses_poll_option_max_chars] ask.en = "Maximum amount of characters to permit per poll option when creating a new poll." ask.fr = "Nombre maximal de caractères autorisés par option de sondage lors de la création d'un nouveau sondage." bind = "statuses-poll-option-max-chars:__FINALPATH__/config.yaml" @@ -197,7 +198,7 @@ help.en = "Default: 50. Note that going way higher than the default might break help.fr = "Valeur par défaut : 50. Notez que si vous dépassez la valeur par défaut, vous risquez de compromettre la fédération." type = "number" -[gotosocial.statuses.statuses_media_max_files] +[main.statuses.statuses_media_max_files] ask.en = "Maximum amount of media files that can be attached to a new status." ask.fr = "Quantité maximale de fichiers multimédias qui peuvent être joints à un nouveau statut." bind = "statuses-media-max-files:__FINALPATH__/config.yaml" @@ -210,13 +211,21 @@ type = "number" #### INSTANCE CONFIG #################### -[gotosocial.instance] +[main.instance] name = "Instance config" help = "Config pertaining to instance federation settings, pages to hide/expose, etc." -[gotosocial.instance.instance_expose_peers] +[main.instance.landing_page_user] +ask.en = "Landing page user" +ask.fr = "Utilisateurice en tant que page d'accueil" +bind = "landing-page-user:__FINALPATH__/config.yaml" +help.en = "The user that will be shown instead of the landing page. if no user is set, the landing page will be shown." +help.fr = "L'utilisateurice qui sera affiché-e à la place de la page d'accueil. Si le champ est laissé vide, la page d'accueil normale sera affichée." +type = "string" + +[main.instance.instance_expose_peers] ask.en = "API: Expose peers?" ask.fr = "API : Exposer les pairs ?" bind = "instance-expose-peers:__FINALPATH__/config.yaml" @@ -226,7 +235,7 @@ help.en = "Allow unauthenticated users to make queries to /api/v1/instance/peers help.fr = "Permet aux utilisateurs non authentifiés d'effectuer des requêtes API sur /api/v1/instance/peers?filter=open afin d'afficher la liste des instances avec lesquelles votre instance est en relation. Même s'il est défini à 'false', les utilisateurs authentifiés (membres de l'instance) seront toujours en mesure d'interroger l'API." type = "select" -[gotosocial.instance.instance_expose_suspended] +[main.instance.instance_expose_suspended] ask.en = "API: Expose suspended?" ask.fr = "API : Exposer les instances bloquées ?" bind = "instance-expose-suspended:__FINALPATH__/config.yaml" @@ -236,7 +245,17 @@ help.en = "Allow unauthenticated users to make queries to /api/v1/instance/peers help.fr = "Permet aux utilisateurs non authentifiés d'effectuer des requêtes API sur /api/v1/instance/peers?filter=suspended afin de voir la liste des instances bloquées ou suspendues par votre instance. Cela permettra également aux utilisateurs non authentifiés de consulter la liste via l'interface Web. Même s'il est défini à 'false', les utilisateurs authentifiés (membres de l'instance) seront toujours en mesure d'interroger l'API." type = "select" -[gotosocial.instance.instance_deliver_to_shared_inboxes] +[main.instance.instance_expose_public_timeline] +ask.en = "API: Expose public timeline?" +ask.fr = "API : Exposer la timeline publique ?" +bind = "instance-expose-public-timeline:__FINALPATH__/config.yaml" +choices = ["true", "false"] +default = "false" +help.en = "Allow unauthenticated users to make queries to /api/v1/timelines/public in order to see a list of public posts on this server. Even if set to 'false', then authenticated users (members of the instance) will still be able to query the endpoint." +help.fr = "Permet aux utilisateurs non authentifiés d'effectuer des requêtes sur /api/v1/timelines/public afin de voir la liste des messages publics sur ce serveur. Même s'il est défini à 'false', les utilisateurs authentifiés (membres de l'instance) seront toujours en mesure d'interroger l'API." +type = "select" + +[main.instance.instance_deliver_to_shared_inboxes] ask.en = "Deliver to shared inboxes?" ask.fr = "Envoi en boites partagées ?" bind = "instance-deliver-to-shared-inboxes:__FINALPATH__/config.yaml" @@ -249,3 +268,41 @@ help.fr = """Ce paramètre détermine si GoToSocial livrera les messages Activit La livraison dans la boîte de réception partagée peut réduire de manière significative la charge du réseau lorsque la livraison à plusieurs destinataires partagent une boîte de réception (par exemple, sur les grandes instances Mastodon).\ Voir : https://www.w3.org/TR/activitypub/#shared-inbox-delivery""" type = "select" + +#################### +#### ADVANCED SETTINGS +#################### + +[main.advanced] + +name = "Advanced settings" + +help = "Settings pertaining to http timeouts, security, cookies, and more. ⚠️ ONLY ADJUST THESE SETTINGS IF YOU KNOW WHAT YOU ARE DOING! ⚠️" + +[main.advanced.advanced_cookies_samesite] +ask.en = "Value of the SameSite attribute of cookies set by GoToSocial." +ask.fr = "Valeur de l'attribut SameSite des cookies définis par GoToSocial." +bind = "advanced-cookies-samesite:__FINALPATH__/config.yaml" +choices = ["lax", "strict"] +default = "lax" +help.en = """Defaults to 'lax' to ensure that the OIDC flow does not break, which is fine in most cases.\ +If you want to harden your instance against CSRF attacks and don't mind if some login-related things might break, you can set this to 'strict' instead.\ +For an overview of what this does, see:\ +https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite""" +help.fr = "" +type = "select" + +[main.advanced.advanced_rate_limit_requests] +ask.en = "Amount of requests to permit from a single IP address within a span of 5 minutes." +ask.fr = "Nombre de requêtes autorisées à partir d'une seule adresse IP dans un délai de 5 minutes." +bind = "advanced-rate-limit-requests:__FINALPATH__/config.yaml" +default = "1000" +help.en = """Default: 1000\ +If this amount is exceeded, a 429 HTTP error code will be returned.\ +See https://docs.gotosocial.org/en/latest/api/swagger/#rate-limit.\ +If you find yourself adjusting this limit because it's regularly being exceeded, you should first verify that your settings for `trusted-proxies` are correct.\ +In many cases, when the rate limit is exceeded it is because your instance sees all incoming requests as coming from the *same IP address* (you can verify this by looking at the client IPs in your instance logs).\ +If this is the case, try adding that IP address to your `trusted-proxies` *BEFORE* you go adjusting this rate limit setting!\ +If you set this to 0 or less, rate limiting will be disabled entirely.""" +help.fr = "Valeur par défaut : 1000" +type = "number" diff --git a/manifest.json b/manifest.json index f75ab36..d74b2e1 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "An ActivityPub social network server, written in Golang.", "fr": "Un serveur de réseau social basé sur ActivityPub écrit en Golang." }, - "version": "0.5.2~ynh2", + "version": "0.6.0~ynh1", "url": "https://github.com/superseriousbusiness/gotosocial", "upstream": { "license": "AGPL-3.0-only", @@ -33,10 +33,10 @@ "install": [ { "name": "alpha_software", - "type": "display_text", + "type": "alert", "ask": { - "en": "Please note that GoToSocial is in early development stage. It may contain changing or unstable features, bugs, and security vulnerability.", - "fr": "Veuillez noter que GoToSocial est au tout début de son développment. Il pourrait contenir des fonctionnalités changeantes ou instables, des bugs, et des failles de sécurité." + "en": "⚠️ Please note that GoToSocial is in early development stage. It may contain changing or unstable features, bugs, and security vulnerability.", + "fr": "⚠️ Veuillez noter que GoToSocial est au début de son développment. Il pourrait contenir des fonctionnalités changeantes ou instables, des bugs, et des failles de sécurité." } }, { diff --git a/scripts/install b/scripts/install index 7940aed..b995941 100755 --- a/scripts/install +++ b/scripts/install @@ -26,6 +26,8 @@ ynh_abort_if_errors app="$YNH_APP_INSTANCE_NAME" +landing_page_user="" + domain="$YNH_APP_ARG_DOMAIN" path_url="/" @@ -44,6 +46,7 @@ accounts_allow_custom_css="false" instance_expose_peers="false" instance_expose_suspended="false" +instance_expose_public_timeline="false" instance_deliver_to_shared_inboxes="true" media_image_max_size="10485760" @@ -54,12 +57,22 @@ media_remote_cache_days="30" media_emoji_local_max_size="51200" media_emoji_remote_max_size="102400" +storage_backend="local" +storage_s3_endpoint="" +storage_s3_proxy="false" +storage_s3_access_key="" +storage_s3_secret_key="" +storage_s3_bucket="" + statuses_max_chars="5000" statuses_cw_max_chars="100" statuses_poll_max_options="6" statuses_poll_option_max_chars="50" statuses_media_max_files="6" +advanced_cookies_samesite="lax" +advanced_rate_limit_requests="1000" + #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= @@ -78,6 +91,8 @@ ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" +ynh_app_setting_set --app="$app" --key=landing_page_user --value="$landing_page_user" + ynh_app_setting_set --app="$app" --key=domain --value="$domain" ynh_app_setting_set --app="$app" --key=path_url --value="$path_url" @@ -94,6 +109,7 @@ ynh_app_setting_set --app="$app" --key=accounts_allow_custom_css --value="$accou ynh_app_setting_set --app="$app" --key=instance_expose_peers --value="$instance_expose_peers" ynh_app_setting_set --app="$app" --key=instance_expose_suspended --value="$instance_expose_suspended" +ynh_app_setting_set --app="$app" --key=instance_expose_public_timeline --value="$instance_expose_public_timeline" ynh_app_setting_set --app="$app" --key=instance_deliver_to_shared_inboxes --value="$instance_deliver_to_shared_inboxes" ynh_app_setting_set --app="$app" --key=media_image_max_size --value="$media_image_max_size" @@ -104,12 +120,22 @@ ynh_app_setting_set --app="$app" --key=media_remote_cache_days --value="$media_r ynh_app_setting_set --app="$app" --key=media_emoji_local_max_size --value="$media_emoji_local_max_size" ynh_app_setting_set --app="$app" --key=media_emoji_remote_max_size --value="$media_emoji_remote_max_size" +ynh_app_setting_set --app="$app" --key=storage_backend --value="$storage_backend" +ynh_app_setting_set --app="$app" --key=storage_s3_endpoint --value="$storage_s3_endpoint" +ynh_app_setting_set --app="$app" --key=storage_s3_proxy --value="$storage_s3_proxy" +ynh_app_setting_set --app="$app" --key=storage_s3_access_key --value="$storage_s3_access_key" +ynh_app_setting_set --app="$app" --key=storage_s3_secret_key --value="$storage_s3_secret_key" +ynh_app_setting_set --app="$app" --key=storage_s3_bucket --value="$storage_s3_bucket" + ynh_app_setting_set --app="$app" --key=statuses_max_chars --value="$statuses_max_chars" ynh_app_setting_set --app="$app" --key=statuses_cw_max_chars --value="$statuses_cw_max_chars" ynh_app_setting_set --app="$app" --key=statuses_poll_max_options --value="$statuses_poll_max_options" ynh_app_setting_set --app="$app" --key=statuses_poll_option_max_chars --value="$statuses_poll_option_max_chars" ynh_app_setting_set --app="$app" --key=statuses_media_max_files --value="$statuses_media_max_files" +ynh_app_setting_set --app="$app" --key=advanced_cookies_samesite --value="$advanced_cookies_samesite" +ynh_app_setting_set --app="$app" --key=advanced_rate_limit_requests --value="$advanced_rate_limit_requests" + #================================================= # STANDARD MODIFICATIONS #================================================= diff --git a/scripts/restore b/scripts/restore index d09ffbd..7eff40c 100755 --- a/scripts/restore +++ b/scripts/restore @@ -30,6 +30,8 @@ app="$YNH_APP_INSTANCE_NAME" final_path=$(ynh_app_setting_get --app="$app" --key=final_path) +landing_page_user=$(ynh_app_setting_get --app="$app" --key=landing_page_user) + domain=$(ynh_app_setting_get --app="$app" --key=domain) port=$(ynh_app_setting_get --app="$app" --key=port) path_url=$(ynh_app_setting_get --app="$app" --key=path_url) @@ -37,20 +39,35 @@ path_url=$(ynh_app_setting_get --app="$app" --key=path_url) client_max_body_size=$(ynh_app_setting_get --app="$app" --key=client_max_body_size) db_name=$(ynh_app_setting_get --app="$app" --key=db_name) -db_user=$db_name +db_user=$(ynh_app_setting_get --app="$app" --key=db_user) db_pwd=$(ynh_app_setting_get --app="$app" --key=db_pwd) datadir=$(ynh_app_setting_get --app="$app" --key=datadir) -registration_open=$(ynh_app_setting_get --app="$app" --key=registration_open) -registration_approval=$(ynh_app_setting_get --app="$app" --key=registration_approval) -registration_reason=$(ynh_app_setting_get --app="$app" --key=registration_reason) +instance_expose_peers=$(ynh_app_setting_get --app="$app" --key=instance_expose_peers) +instance_expose_suspended=$(ynh_app_setting_get --app="$app" --key=instance_expose_suspended) +instance_expose_public_timeline=$(ynh_app_setting_get --app="$app" --key=instance_expose_public_timeline) +instance_deliver_to_shared_inboxes=$(ynh_app_setting_get --app="$app" --key=instance_deliver_to_shared_inboxes) + +accounts_registration_open=$(ynh_app_setting_get --app="$app" --key=accounts_registration_open) +accounts_approval_required=$(ynh_app_setting_get --app="$app" --key=accounts_approval_required) +accounts_reason_required=$(ynh_app_setting_get --app="$app" --key=accounts_reason_required) +accounts_allow_custom_css=$(ynh_app_setting_get --app="$app" --key=accounts_allow_custom_css) media_image_max_size=$(ynh_app_setting_get --app="$app" --key=media_image_max_size) media_video_max_size=$(ynh_app_setting_get --app="$app" --key=media_video_max_size) media_description_min_chars=$(ynh_app_setting_get --app="$app" --key=media_description_min_chars) media_description_max_chars=$(ynh_app_setting_get --app="$app" --key=media_description_max_chars) media_remote_cache_days=$(ynh_app_setting_get --app="$app" --key=media_remote_cache_days) +media_emoji_local_max_size=$(ynh_app_setting_get --app="$app" --key=media_emoji_local_max_size) +media_emoji_remote_max_size=$(ynh_app_setting_get --app="$app" --key=media_emoji_remote_max_size) + +storage_backend=$(ynh_app_setting_get --app="$app" --key=storage_backend) +storage_s3_endpoint=$(ynh_app_setting_get --app="$app" --key=storage_s3_endpoint) +storage_s3_proxy=$(ynh_app_setting_get --app="$app" --key=storage_s3_proxy) +storage_s3_access_key=$(ynh_app_setting_get --app="$app" --key=storage_s3_access_key) +storage_s3_secret_key=$(ynh_app_setting_get --app="$app" --key=storage_s3_secret_key) +storage_s3_bucket=$(ynh_app_setting_get --app="$app" --key=storage_s3_bucket) statuses_max_chars=$(ynh_app_setting_get --app="$app" --key=statuses_max_chars) statuses_cw_max_chars=$(ynh_app_setting_get --app="$app" --key=statuses_cw_max_chars) @@ -58,6 +75,9 @@ statuses_poll_max_options=$(ynh_app_setting_get --app="$app" --key=statuses_poll statuses_poll_option_max_chars=$(ynh_app_setting_get --app="$app" --key=statuses_poll_option_max_chars) statuses_media_max_files=$(ynh_app_setting_get --app="$app" --key=statuses_media_max_files) +advanced_cookies_samesite=$(ynh_app_setting_get --app="$app" --key=advanced_cookies_samesite) +advanced_rate_limit_requests=$(ynh_app_setting_get --app="$app" --key=advanced_rate_limit_requests) + #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index fb4703b..3856f6d 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,6 +18,8 @@ app="$YNH_APP_INSTANCE_NAME" final_path=$(ynh_app_setting_get --app="$app" --key=final_path) +landing_page_user=$(ynh_app_setting_get --app="$app" --key=landing_page_user) + domain=$(ynh_app_setting_get --app="$app" --key=domain) port=$(ynh_app_setting_get --app="$app" --key=port) path_url=$(ynh_app_setting_get --app="$app" --key=path_url) @@ -32,6 +34,7 @@ datadir=$(ynh_app_setting_get --app="$app" --key=datadir) instance_expose_peers=$(ynh_app_setting_get --app="$app" --key=instance_expose_peers) instance_expose_suspended=$(ynh_app_setting_get --app="$app" --key=instance_expose_suspended) +instance_expose_public_timeline=$(ynh_app_setting_get --app="$app" --key=instance_expose_public_timeline) instance_deliver_to_shared_inboxes=$(ynh_app_setting_get --app="$app" --key=instance_deliver_to_shared_inboxes) accounts_registration_open=$(ynh_app_setting_get --app="$app" --key=accounts_registration_open) @@ -47,12 +50,22 @@ media_remote_cache_days=$(ynh_app_setting_get --app="$app" --key=media_remote_ca media_emoji_local_max_size=$(ynh_app_setting_get --app="$app" --key=media_emoji_local_max_size) media_emoji_remote_max_size=$(ynh_app_setting_get --app="$app" --key=media_emoji_remote_max_size) +storage_backend=$(ynh_app_setting_get --app="$app" --key=storage_backend) +storage_s3_endpoint=$(ynh_app_setting_get --app="$app" --key=storage_s3_endpoint) +storage_s3_proxy=$(ynh_app_setting_get --app="$app" --key=storage_s3_proxy) +storage_s3_access_key=$(ynh_app_setting_get --app="$app" --key=storage_s3_access_key) +storage_s3_secret_key=$(ynh_app_setting_get --app="$app" --key=storage_s3_secret_key) +storage_s3_bucket=$(ynh_app_setting_get --app="$app" --key=storage_s3_bucket) + statuses_max_chars=$(ynh_app_setting_get --app="$app" --key=statuses_max_chars) statuses_cw_max_chars=$(ynh_app_setting_get --app="$app" --key=statuses_cw_max_chars) statuses_poll_max_options=$(ynh_app_setting_get --app="$app" --key=statuses_poll_max_options) statuses_poll_option_max_chars=$(ynh_app_setting_get --app="$app" --key=statuses_poll_option_max_chars) statuses_media_max_files=$(ynh_app_setting_get --app="$app" --key=statuses_media_max_files) +advanced_cookies_samesite=$(ynh_app_setting_get --app="$app" --key=advanced_cookies_samesite) +advanced_rate_limit_requests=$(ynh_app_setting_get --app="$app" --key=advanced_rate_limit_requests) + #================================================= # CHECK VERSION #================================================= @@ -185,6 +198,33 @@ then ynh_app_setting_set --app="$app" --key=media_emoji_remote_max_size --value="$media_emoji_remote_max_size" fi +# Upgrade from <0.6.0~ynh1: +if ynh_compare_current_package_version --comparison lt --version 0.6.0~ynh1 || [ -z "$instance_expose_public_timeline" ] +then + # declaration of new parameters + landing_page_user="" + instance_expose_public_timeline="false" + storage_backend="local" + storage_s3_endpoint="" + storage_s3_proxy="false" + storage_s3_access_key="" + storage_s3_secret_key="" + storage_s3_bucket="" + advanced_cookies_samesite="lax" + advanced_rate_limit_requests="1000" + # registration of new parameters + ynh_app_setting_set --app="$app" --key=landing_page_user --value="$landing_page_user" + ynh_app_setting_set --app="$app" --key=instance_expose_public_timeline --value="$instance_expose_public_timeline" + ynh_app_setting_set --app="$app" --key=storage_backend --value="$storage_backend" + ynh_app_setting_set --app="$app" --key=storage_s3_endpoint --value="$storage_s3_endpoint" + ynh_app_setting_set --app="$app" --key=storage_s3_proxy --value="$storage_s3_proxy" + ynh_app_setting_set --app="$app" --key=storage_s3_access_key --value="$storage_s3_access_key" + ynh_app_setting_set --app="$app" --key=storage_s3_secret_key --value="$storage_s3_secret_key" + ynh_app_setting_set --app="$app" --key=storage_s3_bucket --value="$storage_s3_bucket" + ynh_app_setting_set --app="$app" --key=advanced_cookies_samesite --value="$advanced_cookies_samesite" + ynh_app_setting_set --app="$app" --key=advanced_rate_limit_requests --value="$advanced_rate_limit_requests" +fi + #================================================= # CREATE DEDICATED USER #=================================================