diff --git a/conf/config.yaml b/conf/config.yaml index b88c9f1..c89650f 100644 --- a/conf/config.yaml +++ b/conf/config.yaml @@ -290,6 +290,14 @@ cache: follow-request-ttl: "30m" follow-request-sweep-freq: "1m" + list-max-size: 2000 + list-ttl: "30m" + list-sweep-freq: "1m" + + list-entry-max-size: 2000 + list-entry-ttl: "30m" + list-entry-sweep-freq: "1m" + media-max-size: 1000 media-ttl: "30m" media-sweep-freq: "1m" @@ -426,6 +434,13 @@ accounts-reason-required: __ACCOUNTS_REASON_REQUIRED__ # Default: false accounts-allow-custom-css: __ACCOUNTS_ALLOW_CUSTOM_CSS__ +# Int. If accounts-allow-custom-css is true, this is the permitted length in characters for +# CSS uploaded by accounts on this instance. No effect if accounts-allow-custom-css is false. +# +# Examples: [500, 5000, 9999] +# Default: 10000 +accounts-custom-css-length: 10000 + ######################## ##### MEDIA CONFIG ##### ######################## @@ -800,6 +815,57 @@ tracing-endpoint: "" # Default: false tracing-insecure-transport: false +################################ +##### HTTP CLIENT SETTINGS ##### +################################ + +# Settings for OUTGOING http client connections used by GoToSocial to make +# requests to remote resources (status GETs, media GETs, inbox POSTs, etc). + +http-client: + + # Duration. Timeout to use for outgoing HTTP requests. If the timeout + # is exceeded, the connection to the remote server will be dropped. + # A value of 0s indicates no timeout: this is not advised! + # Examples: ["5s", "10s", "0s"] + # Default: "10s" + timeout: "10s" + + ######################################## + #### RESERVED IP RANGE EXCEPTIONS ###### + ######################################## + # + # Explicitly allow or block outgoing dialing within the provided IPv4/v6 CIDR ranges. + # + # By default, as a basic security precaution, GoToSocial blocks outgoing dialing within most "special-purpose" + # IP ranges. However, it may be desirable for admins with more exotic setups (proxies, funky NAT, etc) to + # explicitly override one or more of these otherwise blocked ranges. + # + # Each of the below allow/block config options accepts an array of IPv4 and/or IPv6 CIDR strings. + # For example, to override the hardcoded block of IPv4 and IPv6 dialing to localhost, set: + # + # allow-ips: ["127.0.0.1/32", "::1/128"]. + # + # You can also use YAML multi-line arrays to define these, but be diligent with indentation. + # + # When dialing, GoToSocial will first check if the destination falls within explicitly allowed IP ranges, + # then explicitly blocked IP ranges, then the default (hardcoded) blocked IP ranges, returning OK on the + # first allowed match, not OK on the first blocked match, or just defaulting to OK if nothing is matched. + # + # As with all security settings, it is better to start too restrictive and then ease off depending on + # your use case, than to start too permissive and try to close the stable door after the horse has + # already bolted. With this in mind: + # - Don't touch these settings unless you have a good reason to, and only if you know what you're doing. + # - When adding explicitly allowed exceptions, use the narrowest possible CIDR for your use case. + # + # For reserved / special ranges, see: + # - https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml + # - https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml + # + # Both allow-ips and block-ips default to an empty array. + allow-ips: [] + block-ips: [] + ############################# ##### ADVANCED SETTINGS ##### #############################